Bridging multiple network segments and exposing the multiple network segments as a single network to a higher level networking software on a bridging computing device

ABSTRACT

A software network bridge is disclosed which allows the connected network segments to be presented as a single network unit to the host computer. The software bridge can be implemented as an intermediate network driver, abstracting multiple network segments into a single network interface for higher level protocols and applications. While the intermediate network driver acts as a software bridge implementing the Spanning Tree Algorithm, it also acts a network interface driver to higher level protocols, conglomerating information from the multiple underlying network interface cards and forwarding along commands from the higher level software to the appropriate network interface card. The intermediate network driver can also simultaneously send the same data packet through multiple network interfaces by creating multiple packet descriptors, each pointing to the same data, but each given individually to the underlying network interfaces to control during their transmission. Further efficiencies can also be achieved by the software bridge, implemented as an intermediate network driver, through the use of a dynamic allocation scheme which increases the size of the useable buffers of each network interface without increasing the overall memory consumption, and the use of a queuing scheme which preliminarily examines incoming data packets to determine if any processing needs to be performed, and queues the packets should they require processing. Additionally, a user interface is presented exposing this functionality of the intermediate network driver.

RELATED APPLICATION

This application is related to, and claims priority from, U.S.Provisional Application No. 60/244,425, entitled “Principle of Exposinga Bridged Network as a Single Virtual Segment”, and filed on Oct. 30,2000.

TECHNICAL FIELD

This invention relates generally to computer networks and, moreparticularly, relates to a software network bridge on a host computingdevice.

BACKGROUND OF THE INVENTION

As personal computer prices have decreased, and the number of personalcomputers purchased has increased, many households and small businessesfind themselves with more than one useful computer. Often this resultsin individuals with their own machine, who would otherwise be forced toshare a computer. While it is beneficial for family members andemployees to have their own computers, information sharing between thecomputers becomes more problematic. For example, in a family with onlyone computer, a report being written by one of the children would belocated on that system only. However, in a family which shares two ormore computers, the report might be located on a computer which iscurrently in use by a sibling, or different versions of the report mightbe located on different machines. Similarly, a business with more thantwo computers may have some records stored on each machine, and may evenhave different versions of the same record on each machine.

One solution would be to network the computers together such that thedata stored on each computer is available to every other computer. Thus,one member of the family could have access to their report withoutregard to which machine it was last edited and saved on; and employeescan have access to every record regardless of which system is currentlyavailable for them to use. Networking also shares personal computerperipherals. For example, while new computers were often purchased totake advantage of increases in processing power, printers have notexperienced such dramatic improvements, and were not upgraded as often.Therefore, while many families and small business may have two or morecomputers of varying age and speed, they often only have one printer. Acomputer network allows each computer to have access to the printer.Similarly, other peripherals such as backup storage devices andscanners, can also be shared.

The recent trend towards affordable fast Internet connections is alsoincreasing the need for families and small business to network theircomputers together. Generally, fast connections to the Internet andWorld Wide Web were reserved for larger businesses who could justify thehigh cost of such connections. More recently, as the cost of high speedInternet access has decreased, more small businesses and families canafford high speed Internet access. Access to the Internet through thehigh speed connection can be shared through a computer network in asimilar fashion to the sharing of peripherals.

Because of the existence of a number of different networkingtechnologies, each with its own benefits and drawbacks, families andsmall businesses often need to integrate two or more different types ofnetworks. A family may have an Ethernet network connecting two ore moredesktop computers together and sharing a printer and a high speedInternet connection, and they may also have a wireless networkconnecting a laptop to one of the desktop computers. The difficultyarises when the laptop user wishes to gain access to the printer andhigh speed Internet connection. Generally, such home and small businessnetworks rely on simple, if any, networking hardware, and can beconnected by a simple cable and software on the computers themselves.However to combine the wireless network with the Ethernet network, thefamily would either have to purchase, or implement through software, arouter or a bridge to connect the two networks. Routers are oftendifficult for an average computer user to set up properly, exposing theuser to networking complexities. Bridging is a more simple solution,requiring little or no configuration by the user. When two networksegments are connected with a bridge, the computers on each segmentperceive the bridged multi-segment network as if it consisted of onlyone segment. However, to software on the bridging computer, the segmentsstill appear distinct and separate.

Because the bridged segments still appear as separate on the bridgingcomputer, software components on that computer may operateinefficiently. In fact, such network components may not even operateproperly on a bridging computer, or may require a complex and tedioussetup. For example, if the interconnected network used the TransmissionControl Protocol/Internet Protocol (TCP/IP), and the TCP/IP networkcomponent on the bridging computer was bound to both network segments,it would require that each segment be considered as an separate IPsubnet. However, a major benefit of bridging is that the entiremulti-segment network can be treated as a single IP subnet. Hence thebridging computer would have to bind its TCP/IP network component toonly a single network segment, relying on the bridge to transfer packetsto the other segments. However, if the network segment to which theTCP/IP component is bound is a slow network, the TCP/IP component willnot be able to take advantage of the faster network segments, slowingthe entire interconnected network. Furthermore, the processing ofoutbound packets would be inefficient because the TCP/IP component wouldtransmit the packets onto the network segment to which it is connected,even if the destination computer is not on that network segment.Similarly, inbound packet handling would also be inefficient because thebridge would have to transfer every packet destined for the bridgingcomputer from the network segment on which it was originally sent to thenetwork segment to which the TCP/IP network component is bound. Thiswastes bandwidth and creates an inefficient network.

Additionally, because network components are needed by higher levelsoftware to perform tasks such as web browsing, and saving and editingfiles across a network, the only alternative to the inefficienciesdescribed above is for the user to avoid using the bridging computer foranything other than the most rudimentary tasks, thereby eliminating theneed for many network components. However, most families and smallbusinesses do not have the resources to dedicate an entire computer toact as a bridge between network segments. A solution, therefore, isrequired which would allow network components on the bridging computerto perceive the bridged network as a single entity, allowing familiesand small business to continue to use the bridging computer withoutrestrictions.

SUMMARY OF THE INVENTION

Accordingly, the present invention provides a system for bridgingmultiple network segments with a software bridge and exposing thenetwork segments as one network to the computer running the bridge andto network components on that computer.

The present invention additionally provides a method for efficientlytransmitting a packet of information simultaneously through more thanone network interface. The present invention also provides a system fordynamically allocating resources such that each network interfacereceives more usable memory than a fair static allocation scheme wouldallow.

The present invention additionally provides a method for returningprocessing to the network interface driver as quickly as possible byimplementing a queuing scheme for received data.

The invention solves the above difficulties encountered when operating asoftware bridge on a computer by providing a novel method and system forexposing, to the computer running the bridge and to the networkcomponents on the computer, the bridged network segments as a singlenetwork unit. The network components perceive only the single networkunit and, therefore, operate properly and efficiently. Similarly, byallowing those higher level network applications to simultaneously sendthe same data across all of the network connections, should such abroadcast be necessary, the present invention increases the efficiencyof the multiple network connections, as accessed by the bridgingcomputer.

The present invention can be implemented as an intermediate networkdriver which acts as a network bridge complying with the Spanning TreeAlgorithm. The Spanning Tree Algorithm ensures that, in a network withmultiple bridges, even if the physical topology creates loops, thebridges do not forward the same packet over and over again in a circularfashion. Each bridge is required to have a unique identification number.The lowest number bridge becomes, by default, the root bridge. TheSpanning Tree Algorithm then denominates each port of each bridge aseither a root port, a designated port, or neither. Ports classified asroot ports or designated ports can forward and receive packets, butports which are neither are set to a blocking state and do not forward,nor receive packets.

The intermediate network driver contemplated by the present inventionalso abstracts the multiple network segments into a single virtualnetwork for the host computer. When accessed by higher level protocols,the intermediate network driver appears to be controlling only onenetwork interface card (NIC). However, when communicating with themultiple underlying NICs, the intermediate network driver acts as astandard network protocol to each NIC. To effectively present itself asa NIC single driver, while accepting and providing information formultiple underlying NICs, the intermediate driver contemplated by thepresent invention conglomerates, in a request specific manner,information from the underlying NICs to present to higher levelprotocols in response to queries from those protocols, and forwardsrequests and instructions from the higher level protocols onto each NIC.

Because multiple NICs are controlled by the intermediate network drivercontemplated by the present invention, efficiencies exist when theintermediate driver must send the same packet to more than one NIC. EachNIC can be given control of a packet descriptor, which identifies thelocation in memory of the data of the packet, which is to be sent by theNIC. Thus, each NIC can individually release control of its own packetdescriptor when it has completed sending the information. Theintermediate driver contemplated by the present invention createsduplicate packet descriptors, each identifying the same data in the samememory locations, such that each individual NICs can be given control ofa separate packet descriptor at the same time. The present inventionthen tracks the packet descriptors, and releases the memory locationsholding the data to be sent when all NICs have completed theirtransmission. This is efficient because the packet data, which isusually much larger and more expensive to copy than a packet descriptor,need not be duplicated in memory. The present invention alsocontemplates the maintenance of a pointer to an original packetdescriptor, such that the intermediate network driver can accomplishmultiple sends in parallel even in the situation where it is notpermitted to make use of the packet descriptor originally furnished toit.

Further efficiencies can be realized through the intermediate networkdriver contemplated by the present invention, such as a dynamic bufferallocation scheme which can provide more buffer space to an individualNIC than a static allocation scheme, without increasing the overallconsumption of memory by the networking subsystem. Because the presentinvention can be implemented as an intermediate network driver whichcontrols multiple NICs, the intermediate driver can apportion the bufferstorage to each NIC from the total memory available to the networksubsystem. As a network segment experiences a slow down, requiring moredata to be buffered by the NIC, the intermediate driver can grant tothat NIC more memory than it would have received under a staticallocation scheme so long as the amount of free memory remaining at theintermediate driver's disposal is greater than a pre-determined amount,which acts as a safety buffer. Should a second network segmentexperience a slowdown, the intermediate network driver contemplated bythe present invention can grant the second NIC memory from the safetybuffer. As the first NIC transmits data and clears some buffers, and asits requests for additional buffers are declined, its share of memorydecreases, and the second NIC can thereby be granted more buffer space.Thus, the dynamic allocation scheme implemented in the intermediatedriver of the present invention provides more usable memory to the NICs,in situations where only a few network segments are experiencing aslowdown, by allowing the buffer sizes to expand past the size providedby a static allocation scheme.

The intermediate network driver contemplated by the present inventioncan also provide queuing of received data such that processing can bereturned quickly to the underlying NIC driver. Initially, when a packetof data is received by the NIC, the present invention provides for aminimal analysis to be performed on the packet to determine if thepacket is to be processed. Packets from one computer on a networksegment to another computer on the same segment do not need to beprocessed by the present invention, while packets directed to othernetwork segments or the host computer require processing. Should apacket require processing, the packet can be placed on a queue for laterprocessing. The initial analysis allows processing to be returned to theNIC driver in a relatively constant and efficient amount of time, andallows the processing of received packets to be more evenly distributedbetween the NICs controlled by the present invention.

A user interface to the intermediate network driver is also contemplatedby the present invention. An exemplary user interface would allow accessto the bridging functionality of the intermediate network driver andwould also provide a single element for the bridged network segment.Also, an exemplary user interface would prevent the user from modifyingan individual bridged network segment so that it did not conform to thesettings of the bridged network. Additional features and advantages ofthe invention will be made apparent from the following detaileddescription of illustrative embodiments that proceeds with reference tothe accompanying figures.

BRIEF DESCRIPTION OF THE DRAWINGS

While the appended claims set forth the features of the presentinvention with particularity, the invention, together with its objectsand advantages, may be best understood from the following detaileddescription taken in conjunction with the accompanying drawings ofwhich:

FIG. 1 is a block diagram generally illustrating an exemplary computersystem on which the present invention resides;

FIG. 2 is a block diagram generally illustrating an exemplary computernetwork environment in which the present invention operates;

FIG. 3 is a block diagram generally illustrating the networking layersin which the present invention operates;

FIG. 4 is a block diagram generally illustrating the packet structureused by the present invention;

FIG. 5 is a block diagram generally illustrating a circular networktopology in which the present invention can be used;

FIG. 6 is a block diagram generally illustrating alternative networkinglayers in which the present invention operates;

FIG. 7 is a block diagram generally illustrating an alternative packetstructure used by the present invention; and

FIGS. 8 a through 8 d are screen images generally illustrating anexemplary user interface presented by the present invention.

DETAILED DESCRIPTION OF THE INVENTION

Turning to the drawings, wherein like reference numerals refer to likeelements, the invention is described hereinafter in the context of acomputing environment. As will be described in detail below and withreference to the attached drawings, the invention is a software networkbridge which exposes the network segments as a single network unit tothe host computer, implements a software bridge conforming with theSpanning Tree Algorithm, allows for the same data to be sent to multiplenetwork segments simultaneously, assigns buffer space using a dynamicmemory allocation scheme, and provides for efficient initial analysisand queuing of incoming packets. Although it is not required forpracticing the invention, the invention is described as it can beimplemented by computer-executable instructions, such as programmodules, that are executed by a computing device. Generally, programmodules include routines, programs, objects, components, data structuresand the like that perform particular tasks or implement particularabstract data types.

The invention may be implemented in any number of computing devices,such as personal computers (PCs), hand-held devices, multi-processorsystems, microprocessor-based or programmable consumer electronics,network PCs, minicomputers, mainframe computers and the like. Theinvention may also be practiced in distributed computing environments,where tasks are performed by remote processing devices that are linkedthrough a communications network. In a distributed computingenvironment, program modules may be located in both local and remotememory storage devices.

Although the software network bridge may be incorporated into many typesof computing environments as suggested above, the following detaileddescription of the invention is set forth in the context of an exemplarygeneral-purpose computing device 20 as shown in FIG. 1. Beforedescribing the invention in detail, the computing environment in whichthe invention operates is described in connection with FIG. 1.

Turning to FIG. 1, the computing device 20 includes a processing unit21, a system memory 22, and a system bus 23 that couples various systemcomponents including the system memory to the processing unit 21. Thesystem bus 23 may be any of several types of bus structures including amemory bus or memory controller, a peripheral bus, and a local bus usingany of a variety of bus architectures. The system memory includes readonly memory (ROM) 24 and random access memory (RAM) 25. A basicinput/output system (BIOS) 26, containing the basic routines that helpto transfer information between elements within the computing device 20,such as during start-up, is stored in ROM 24. The computing device 20further includes a hard disk drive 27 for reading from and writing to ahard disk 60, a magnetic disk drive 28 for reading from or writing to aremovable magnetic disk 29, and an optical disk drive 30 for readingfrom or writing to a removable optical disk 31 such as a CD ROM or otheroptical media.

The hard disk drive 27, magnetic disk drive 28, and optical disk drive30 are connected to the system bus 23 by a hard disk drive interface 32,a magnetic disk drive interface 33, and an optical disk drive interface34, respectively. The drives and their associated computer-readablemedia provide nonvolatile storage of computer readable instructions,data structures, program modules and other data for the computing device20. Although the exemplary environment described herein employs a harddisk 60, a removable magnetic disk 29, and a removable optical disk 31,it will be appreciated by those skilled in the art that other types ofcomputer readable media which can store data that is accessible by acomputer, such as magnetic cassettes, flash memory cards, digital videodisks, Bernoulli cartridges, random access memories, read only memories,and the like may also be used in the exemplary operating environment.

A number of program modules may be stored on the hard disk 60, magneticdisk 29, optical disk 31, ROM 24 or RAM 25, including an operatingsystem 35, one or more applications programs, such as applicationprogram 36, other program modules 37, program data 38, and networkingsoftware components and drivers, such as wire-based network interfacecard (NIC) driver 61 and wireless NIC driver 62. A user may entercommands and information into the computing device 20 through inputdevices such as a keyboard 40 and a pointing device 42. Other inputdevices (not shown) may include a microphone, joystick, game pad,satellite dish, scanner, or the like. These and other input devices areoften connected to the processing unit 21 through a serial portinterface 46 that is coupled to the system bus, but may be connected byother interfaces, such as a parallel port, game port or a universalserial bus (USB). A monitor 47 or other type of display device is alsoconnected to the system bus 23 via an interface, such as a video adapter48. Additionally, a printer 66 or other hard copy output device isconnected to the computing device 20 through the serial port interface46 or other interface, such as those listed above. In addition to themonitor and printer, computing devices typically include otherperipheral output devices, such as speakers, which are not shown.

The computing device 20 may operate in a networked environment usinglogical connections to one or more additional computing devices, such asa remote server 49, a portable computer 63 and a desktop computer 65.The remote server 49 may be another computing device, such as a server,a router, a network PC, a peer device or other common network node, andtypically includes many or all of the elements described above relativeto the computing device 20. The portable computer 63 may be anothercomputing device, such as a portable personal computer, a pen-basedportable computer, a handheld computer, or a personal organizer, andalso typically includes many or all of the elements described aboverelative to the computing device 20. Similarly, the desktop computer 65may be another PC, a workstation, a server, or a network PC, and alsotypically includes many or all of the elements described above relativeto the computing device 20. The logical connections depicted in FIG. 1include a local area network (LAN) 51 and a wide area network (WAN) 52.Such networking environments are commonplace in homes, offices,enterprise-wide computer networks, intranets and the Internet.

When used in a LAN networking environment, the computing device 20 canbe connected to the local network 51 through a network interface oradapter, such as a wire-based Network Interface Card (NIC) 53 or awireless NIC 54. When used in a WAN networking environment, thecomputing device 20 typically includes a broadband modem 64, such as acable modem or Digital Subscriber Line (DSL) modem, or other means forestablishing communications over the WAN 52. The broadband modem 64,which may be internal or external, is connected to the computing device20 through a wire-based NIC 53. In a networked environment, programmodules depicted relative to the computing device 20, or portionsthereof, may be stored in the remote server 49 or the portable computer63. It will be appreciated that the network connections shown areexemplary and other means of establishing a communications link betweenthe computers may be used.

In the description that follows, the software network bridgecontemplated by the invention will be described with reference to actsand symbolic representations of operations that are performed by one ormore computers, unless indicated otherwise. As such, it will beunderstood that such acts and operations, which are at times referred toas being computer-executed, include the manipulation by the processingunit of the computer of electrical signals representing data in astructured form. This manipulation transforms the data or maintains itat locations in the memory system of the computer, which reconfigures orotherwise alters the operation of the computer in a manner wellunderstood by those skilled in the art. The data structures where datais maintained are physical locations of the memory that have particularproperties defined by the format of the data. However, while theinvention is being described in the foregoing context, it is not meantto be limiting as those of skill in the art will appreciate that variousof the acts and operations described hereinafter may also be implementedin hardware.

In accordance with one important aspect of the invention, a softwarebridge for connecting two network segments can be implemented on abridging computer as an intermediate network interface driver. Turningto FIG. 2, the connections shown in FIG. 1 are presented again in a moresimplified format. Computing device 20 is connected via a wire-basedconnection 100, such as an Ethernet connection, to a desktop computer65. Computing device 20 and desktop computer 65 can be two computerswithin the same household or small business. Computing device 20 alsohas a wireless connection 102 such as a wireless Ethernet connection, tothe portable computer 63. The portable computer 63 can also be acomputer within the same household or small business as computing device20 and desktop computer 65. Computing device 20 also maintainsconnections to a printer 66 and a broadband connection to the Internet104 through the broadband modem 64. By networking the computing device20, desktop computer 65 and portable computer 63 into a virtual LAN 51shown in FIG. 2, each of the computers can access shared resources, suchas the printer 66 and the broadband Internet connection through modem64.

To allow portable computer 63 access to the information stored on thedesktop 65, a software bridge 106 can be implemented on computing device20, linking the wire-based network 100 with the wireless network 102.The software bridge can be implemented as an intermediate network driver120 as shown in FIG. 3. The intermediate network driver 120 can bridgethe wire-based network 100 with the wireless network 102 by receivingdata from each network and passing it onto the other network, asappropriate. For example, as shown in FIG. 3, the intermediate networkdriver can receive data from either the wire-based NIC driver 61 or thewireless NIC driver 62 through lower-level protocol interfaces 124 and125. The intermediate network driver 120 can then determine whether thedata is meant for the host computing device 20, or whether it was sentto a machine on a different network segment, and the intermediate driver120 can then pass the data up to the applications on the host computingdevice through a higher level network interface 122 or back down throughthe protocol interfaces 124 and 125 to the appropriate network segment,as necessary. As will be described in more detail below, the softwarebridge implemented by the intermediate driver 120 can conform to theSpanning Tree Algorithm. In a LAN in which the physical layout of thenetwork contains loops, such that multiple bridges connect the variousnetwork segments in one or more loops, the Spanning Tree Algorithm canensure that the multiple bridges do not continue to forward the samedata continuously around the network. Thus, by implementing the SpanningTree Algorithm, the software bridge can insure its operation in anynetwork topology.

In addition to acting as a bridge between the network segments, thesoftware bridge implemented in the intermediate network driver 120 canalso expose only one higher level interface 122 to higher levelnetworking software, including higher level applications and protocols,such as application program 36 and other program modules 37, exposingthe various network segments as one network to higher-level software onthe host computing device 20. Returning to FIG. 2, with the bridge 106operational and connecting the wire-based network segment 100 with thewireless network segment 102, the desktop computer 65 and the computingdevice 20 appear to the portable computer 63 to be on the same networksegment, namely the wireless network segment 102. Similarly, theportable 63 and the computing device 20 appear to the desktop 65 to beon the same network segment, namely the wire-based network segment 100.However, a simple software bridge on computing device 20 will maintainthe two network segments 100 and 102 as separate when viewed from thecomputing device 20. The current invention presents, to the softwarebridge host computing device 20, desktop 65 and portable 63 as twocomputers on the same network segment. By exposing a single higher levelinterface 122, as shown in FIG. 3, the intermediate network driver 120allows higher level software to send data to either the portable 63 ordesktop 65 through the same interface. Since the portable 63 and thedesktop 65 are accessed through what appears to higher level software tobe the same network interface, they are presented to that higher levelsoftware as being on the same network segment. This significantlysimplifies the configuration of higher-level software modules on thecomputing device 20.

In order to present the single higher level interface 122, theintermediate network driver conglomerates, in a request specific manner,information from the lower level drivers 61 and 62 and presents thisinformation to higher level networking software, including higher levelapplications and protocols, such as application program 36 and otherprogram modules 37. For example, as will be described further below,higher level applications and protocols can query information from theNICs, such as the maximum speed of the network, or the current number ofsent packets. The intermediate network driver 120 receives theserequests and responds to them by conglomerating the information from thelower level drivers 61 and 62. For example, the intermediate driver 120,upon receiving a request for the number of sent packets, can query thewire-based NIC driver 61 and the wireless NIC driver 62 each for thenumber of packets each has sent. The intermediate driver 120 can thenadd these numbers together and provide the sum as the response to thehigher level request. Alternatively, the intermediate driver 120 cancontinually monitor the number of packets sent by the NIC driver 61 andthe wireless NIC driver 62, conglomerating the information in real-time.The intermediate driver 120 can then respond to a request for the numberof packets sent by itself, without the need to query underlying drivers.By conglomerating the information, the intermediate driver 120 cancontinue to present network segments 100 and 102 as a single networksegment to the host computer 20. As will be described further below, theintermediate driver 120 can also pass along to the appropriate drivers61 or 62 set requests from higher level applications.

In accordance with a second important aspect of the invention, theintermediate network driver 120 of FIG. 3 can simultaneously send,through the wire-based NIC 53 and the wireless NIC 54, the same data. Asis known by those of skill in the art, data is sent across a network byproviding the data to a network interface and granting the interfacecontrol over that data until it has finished sending it across thenetwork. When the transmission has completed, the control of the datacan be returned by the network interface, and the data can besubsequently modified. The present invention monitors the transmissionof the data by both of the NICs 53 and 54 and does not release the datato the transmitting application until both of the NICs have finishedtransmitting. In such a manner, a single copy of the data can betransmitted simultaneously by multiple interfaces, avoiding the need tomake additional copies of the data, or transmitting it first through oneinterface and then another.

Turning to FIG. 4, an exemplary data packet 231 is shown. The datapacket 231 is the original packet provided to the intermediate driver120, and is structured such that the data is stored in data buffers 221,223, and 225, whose location in memory is pointed to by bufferdescriptors 233, 235, and 237. The present invention can create a newpacket, base packet 201, which refers to the same data stored in databuffers 221, 223, and 225. The base packet 201 points to the databuffers with buffer descriptors 205, 207, and 209. It is important tonote that the base packet 201, containing only buffer descriptors,occupies significantly less memory than the data of the packet 231,which is stored in buffers 221, 223, and 225. The base packet 201contains two elements in addition the buffer descriptors, namely thepointer 202 to the original packet 231 and the counter 203. The counter203 tracks the number of child packets of the base packet still inexistence. Should the intermediate network driver 120 of the presentinvention need to send the same data packet simultaneously through boththe wire-based network segment 100 and the wireless network segment 102,it can create an additional packet, such as child packet 211. Childpacket 211 also refers to the data in buffers 221, 223, and 225, pointedto by the child packet's own buffer descriptors 215, 217, and 219.However, instead of a counter, the child packet 211 contains a pointer213 to the base packet 201. For each child packet pointing to the basepacket, the counter 203 in the base packet is incremented by theintermediate network driver 120. Child packet 211, like based packet201, occupies significantly less memory than the data to be transmitted,which is stored in buffers 221, 223, and 225. By creating a child packetwhich only points to the data, the present invention avoids the need toduplicate the data itself. Thus, significant memory savings can beachieved because the intermediate driver 120 need only maintain one copyof the data itself, namely buffers 221, 223, and 225.

After creating a base packet and sufficient child packets, theintermediate driver 120 can then send the data simultaneously acrossmultiple network segments by providing, to the interface of each networksegment, one of the packets. For example, packet 201 can be given to thewire-based NIC driver 61 to send across the wire-based network segment100 and packet 211 can be given to the wireless NIC driver 62 to sendacross the wireless network segment 102. Assuming that the wire-basedNIC 53 has a higher data throughput than the wireless NIC 54, it mayfinish sending the packet first. However, the intermediate networkdriver 120 will not release control of the data to the higher leveltransmitting application because the counter 203 is not zero, since thewireless NIC 54 is still sending the child packet 211. When the wirelessNIC 54 completes its send, it can return control of packet 211 to theintermediate driver 120. The intermediate driver 120 can discard thechild packet, decrement the counter 203 in the base packet, and thendiscard it as well, and return control of the original packet 231 to thesending application since the counter of the base packet will be zero.The invention can thereby accomplish multiple sends of the same data inparallel while maintaining the appearance of a single network segment tohigher level applications. Furthermore, because the intermediate networkdriver 120 does not copy the data itself, contained in the data buffers,the present invention provides the ability to perform multiple sends inparallel without a significant increase in memory consumption.

In accordance with another important aspect of the invention, a dynamicmemory allocation scheme can be used to more efficiently and fairlyallocate memory among the NIC drivers controlled by the presentinvention. Returning to FIG. 3, the intermediate network driver 120 canbe granted a pre-determined amount of memory to act as buffer storagefor the multiple lower level interfaces. The share of the intermediatenetwork driver's memory used to store packets for an individual lowerlevel interface is that lower level interface's buffer. Should aninterface be granted too little memory as a buffer, its ability to queuepackets for later transmission in the event of a network slowdown willbe diminished, resulting in discarded packets and poor performance.Therefore, the intermediate network driver 120 manages the bufferstorage memory by attempting to dynamically grant as much memory aspossible to the interface which currently is in need of buffer space,while maintaining some amount of memory in reserve should anotherinterface require an increase in its buffer size.

The memory available to the intermediate driver 120 can be divided bythe number of network interfaces the driver abstracts. Thus, in FIG. 3,the memory available can be divided among the wire-based NIC driver 61and the wireless NIC driver 62. Each, therefore, is allocated half ofthe total amount, which is deemed to be the interface's “fair share”.Additionally, some of the memory initially allocated to the intermediatedriver 120 can be set aside as a “safety buffer”. The dynamic memoryallocation scheme contemplated by the present invention operates bystoring a packet for a requesting interface if the current memoryallocated to the interface is less than that interface's fair share. Thedynamic memory allocation scheme can continue to store packets for arequesting interface even after the memory allocated to the interfacehas exceeded its fair share, as long as the amount of memory remainingunused is larger than the safety buffer. Thus, with the system shown inFIG. 3, should the wireless NIC 54 experience a slowdown and requireadditional buffer space, the intermediate network driver 120 caninitially store packets for the wireless NIC driver 62 up to its fairshare;

namely half of the memory available to the intermediate driver 120.Should the wireless NIC driver 62 need still to buffer more packets, theintermediate driver can assign more of its memory to buffering packetsfor the wireless NIC driver 62, assuming that the wire-based NIC 53 isnot simultaneously experiencing a slowdown. The wireless NIC driver 62can, thereby, be allowed to use more memory that it would under a staticmemory allocation scheme.

The dynamic memory allocation scheme reclaims buffer space once thepacket stored therein has been transmitted by the NICs, therebyconstantly refreshing its pool of available memory. Returning to thesituation described above, where packets buffered for the wireless NICdriver 62 have consumed all of the available memory except for thesafety buffer; if the wire-based NIC 53 also experiences a networkslowdown, packets destined for the wire-based NIC driver 61 caninitially be stored in the free memory remaining as the safety buffer.As the wireless NIC 54 sends packets, the wireless NIC driver 62 will nolonger need to buffer those packets, and the intermediate network driver120 can return the memory buffering those packets into the pool of freememory.

However, further requests to the intermediate driver 120 by the wirelessNIC driver 62 to buffer new packets can be declined by the intermediatedriver, since the total memory remaining is now less than the safetybuffer. As a result, the memory used to buffer packets destined for thewireless NIC driver 62 decreases. Concurrently, requests to theintermediate driver 120 by the wire-based NIC driver 61 to buffer packetdestined for the wire-based NIC driver 61 will continue to be granted asthat network segment has not yet used up its fair share of memory. Insuch a manner, the dynamic allocation scheme can assign a large amountof memory to one network segment in the event of a slowdown, and yet becapable of maintaining fairness by satisfying the memory requests of theother network segments.

In accordance with yet another important aspect of the invention,packets received by the lower level network interfaces are first brieflyexamined by the intermediate network driver 120 of the present inventionto determine if the received packets require processing by the computingdevice 20 hosting the software bridge or whether they should beretransmitted on another network segment. If the packets do not requireprocessing, they can be ignored, increasing the efficiency of thebridge. If the packets require processing, they can be placed on a queueto be processed. Packets addressed to a destination other than computingdevice 20, and which do not require to be transferred from one networksegment to another by the bridge, do not require any processing by thecomputing device 20 and can be ignored. If the intermediate driver 120were to simply process each packet as it arrives, some packets, such asthose that do not require any processing by the host computing device 20or the intermediate driver 120, would be dealt with very quickly, whilepackets which required significant processing would consume a lot oftime. Because of this variance in the amount of time between receipt ofa packet by the network interface and the restoration of control to thenetwork interface so that it can receive a new packet, the network canexperience uneven transmission rates, decreasing the efficiency of thenetwork. By preliminarily examining the incoming packets, and queuingthose which require processing, control can be more predictably returnedto the network interface to receive additional packets. Because thelength of time during which the network interface does not have controlis relatively constant, the network can maintain a consistent rate oftransfer, increasing the efficiency of the network. Furthermore, byqueuing the packets which require processing, the processing can occurat more convenient moments, and provide additional efficiencies, whichwill be explained further below.

In accordance with a further important aspect of the invention, a userinterface to the functionality of the intermediate driver 120 and lowerlevel network components can be provided. One exemplary user interfaceis shown in FIGS. 8 a through 8 d. The exemplary user interface providesaccess to the intermediate network driver's abilities to bridge two ormore individual network segments together, as shown in FIG. 8 b. Oncethe individual network segments are bridged, the exemplary userinterface can present the bridged network to the user as a singleinterface point, as shown in FIG. 8 c. The user is, therefore, presentedwith a single bridged network just as the higher level networkingsoftware is presented with a single bridged network interface by theintermediate network driver 120. The exemplary user interface can alsoallow the user to change the properties, both of the bridged network asa unit, and of individual network segments, as shown in FIG. 8 d. Toavoid undermining the efforts to present the bridged network to higherlevel networking software as a single interface, the exemplary userinterface should not allow the user to modify the properties of anindividual network segment that is part of the bridged network. Theexemplary user interface will be described in more detail below, withreference to FIGS. 8 a through 8 d.

In keeping with the invention, a software network bridge can beimplemented on a host computing device to interconnect one or morenetwork segments such that devices on each network segment can accessother devices and share peripherals on any other network segment. Thesoftware bridge can also abstract the bridged network segments such thatthey appear to the host computing device to be a single network segment.As is known by those skilled in the art, a network bridge, implementedeither in software or hardware, interconnects network segments byexamining the destination of each transmitted packet of information andforwarding the packet to the network segment through which it can reachits intended destination. Turning to FIG. 2, desktop computer 65 cansend information to the portable computer 63 by specifying, as part ofthe transmitted packet, the address of the portable computer 63, such aMedia Access Control (MAC) address in an Ethernet environment. Thesoftware bridge of the current invention can examine the packet todetermine if it needs to be transferred between network segment 100 andnetwork segment 102. As will be described below, the software bridgemaintains a database of known addresses and the connections throughwhich those addresses can be reached. Thus, upon receiving the packetcontaining the address of the portable 63, the software bridge candetermine, with reference to the database, that the portable 63 can bereached through the network segment 102. The bridge can then forward thereceived packet to the portable 63 through network segment 102. As aresult of the bridge's functionality, the portable computer 63 appearsto the desktop 65 to be on the same network as the desktop.

The software bridge of the present invention can be implemented as theintermediate network driver 120 of FIG. 3. However, as will beunderstood by those of skill in the art, the software bridge of thepresent invention is not limited to bridging only two network segments.Thus, while the implementation of the software bridge shown in FIG. 3contains only two ports 124 and 125, the descriptions below contemplatea software bridge without limit to the number of ports or the number ofnetwork segments bridged together. Each of the ports 124 and 125 of theintermediate network driver 120 are connected to individual networksegments through network interfaces, such as the wire-based NIC 53 andits corresponding driver 61 and the wireless NIC 54 and itscorresponding driver 62. Therefore, as will be explained in more detailbelow, when the intermediate network driver 120 sends a packet through agiven port, it passes it to the network interface connected to thatport, which, in turn, transmits the packet across the network segment towhich that network interface is connected. Similarly, packets from anetwork segment are received by the network interface and indicated tothe intermediate network driver through the port to which the networkinterface is attached.

The software bridge of the present invention, implemented asintermediate network driver 120, creates and maintains a databasemapping the network addresses of computers on the network to the portthrough which that network address can be reached. When the ports 124and 125 are either in a “learning” or “forwarding” state, which will bedescribed in more detail below, the software bridge examines the sourceaddress of every packet that is received through ports 124 and 125. Thesoftware bridge then enters into the database the source address and theport at which messages from this address were detected. Addresses whichdo not correspond to an individual computer, but are instead broadcastor multicast addresses, are not included in the database.

Should the bridge need to forward a packet to an address, it can look upthe address in the database, and will send the packet out through thesame port that messages from the address were detected. Because thenetwork topology may change unexpectedly as devices get plugged into andunplugged from the network, the entries in the database can becontinuously updated. Thus, if the bridge detects packets with a givensource address on a different port, it can modify the database toreflect the perceived change in topology. Similarly, it is possible thatthe computer corresponding to the detected address becomes disconnected.To accommodate for such a situation, the bridge can also set a timer or“expiration date” for each entry in the database, such that entrieswhich have not been updated or verified for a particular length of timeare discarded.

The software bridge of the present invention can receive data from themultiple network segments 100 and 102 and forward the data through theappropriate network interface so that it reaches its indicateddestination or destinations. When a data packet is received at a networkinterface and given to the software bridge, the bridge can determine thedestination address of the packet. Addresses corresponding to individualcomputers can be referenced in the forwarding database, and the packetcan be sent out by the bridge through the port indicated in thedatabase. If there is no entry in the database corresponding to thedestination address, the software bridge can send the packet out to allof the bridged network segments. While such data packet “flooding” isinefficient, it often delivers the packet to the intended recipient, whogenerally responds. Once the bridge detects the response at a particularport, an entry will be added to the forwarding database, and futurecommunications to that recipient will not need to be flooded. Datapackets whose indicated destination is not an individual computer, suchas broadcast or multicast packets, can always be flooded, since everydevice on the network could be interested in receiving such packets.

Because the network segment interfaces, such as NICs 53 and 54, detectevery packet on their respective network segments, there may be packetsdelivered to the intermediate driver 120 which do not require anyprocessing on the part of the intermediate driver. As is known by thoseskilled in the art, devices on an individual network segment communicateby transmitting a packet through the physical connection of the networksegment. Because each device on the network segment has an interfacedetecting signals on the physical connection, each packet sent by everydevice is detected by every other device. Those packets not addressedfor a given device, however, are simply ignored by that device.Similarly, the software bridge of the present invention does not need toprocess packets from a device on one network segment to another deviceon the same segment. Such packets will be detected by the intendedrecipient without intervention by the bridge. The forwarding databasecan be consulted only for those packets destined for computers onnetwork segments other than the segment of the sending computer. In onepreferred embodiment, the software bridge of the present inventionoperates in an Ethernet network. As is known by those skilled in theart, Ethernet packets contain the MAC address of the sending computerand the destination MAC address.

Thus, the forwarding database contains entries corresponding a given MACaddress to a port number through which the bridge can send packetsdestined for the given MAC address. The forwarding database can beimplemented as a hash table with singly-linked lists of entries for eachhash bucket. An exemplary structure used for the forwarding database canbe as follows:

 typedef struct _MAC_FWDTABLE_ENTRY  { HASH_TABLE_ENTRY hte; PADAPTpAdapt;  } MAC_FWDTABLE_ENTRY, *PMAC_FWDTABLE_ENTRYAn exemplary HASH_TABLE_ENTRY structure used with the forwardingdatabase structure above, can be as follows:

typedef struct _HASH_TABLE_ENTRY { struct _HASH_TABLE_ENTRY *Next; ULONGLastSeen; // Result of // NdisGetSystemUpTime( ) UCHARkey[MAX_SUPPORTED_KEYSIZE]; // User's data // follows }HASH_TABLE_ENTRY, *PHASH_TABLE_ENTRY;Each MAC_FWDTABLE_ENTRY structure holds the MAC address of a computer,stored in the hte.key field, and a pointer to the network interface onthe which the address was noted (pAdapt). The HASH_TABLE_ENTRY structurealso has an entry (LastSeen) which is updated every time the MAC addressstored in the structure is noted. This facilitates the removal ofinformation from the database which may be too old to be accurate. Inone preferred embodiment, information which is has not been entered orupdated within the last 300 seconds is removed by a timer function whichruns every 15 seconds.

The pointer to the network interface (pAdapt) mentioned above, is apointer to a data structure which contains information regarding aparticular network interface. An exemplary structure used to storenetwork interface information by the software bridge can be as follows:

typedef stuct _ADAPT ADAPT, *PADAPT; typedef struct _ADAPT { PADAPTNext; // Next adapter in queue LONG AdaptSize; // Size of structure //(storage for DeviceName is at tail) WAIT_REFCOUNT Refcount; // Refcountfor the adapter // State must be updated inside a write lock on //gAdapterCharacteristicsLock, since an adapter's relaying status //affects our miniport's virtual status. // Only the STA code writes tothis field; all other code should // treat it as read-only. PORT_STATEState; // // Various useful info about the adapter. None of these fieldsare // ever changed after adapter initialization. // NDIS_STRINGDeviceName; NDIS_STRING DeviceDesc; UCHAR  MACAddr[ETH_LENGTH_OF_ADDRESS]; NDIS_MEDIUM PhysicalMedium; // Set to NO_MEDIUMif // the NIC doesn't report // something more specific NDIS_HANDLEBindingHandle; BOOLEAN bCompatibilityMode; // TRUE if the adapter // isin compatibility mode // These two fields are used while opening /closing an adapter NDIS_EVENT Event; NDIS_STATUS Status; // This fieldis volatile BOOLEAN bResetting; // The queue and bServiceInProgress isprotected by this spin lock NDIS_SPIN_LOCK QueueLock; BSINGLE_LIST_HEADQueue; BOOLEAN bServiceInProgress; // This allows a caller to wait onthe queue becoming empty. It is // updated when an item is queued ordequeued. WAIT_REFCOUNT QueueRefcount; // Auto-clearing event to requestservicing of the queue KEVENT QueueEvent; // These fields are locked bygAdapterCharacteristicsLock for all // adapters together ULONGMediaState; // NdisMediaStateConnected and // NdisMediaStateDisconnectedULONG LinkSpeed; // Units of 100bps // (10MBps == 100,000) // Thisstructure is locked by gQuotaLock for all adapters togetherADAPTER_QUOTA  Quota; // Quota information for this adapter //Statistics LARGE_INTEGER SentFrames; // All frames sent (includingrelay) LARGE_INTEGER SentBytes; // All bytes sent (including relay)LARGE_INTEGER SentLocalFrames; // Frames sent from the local // machineLARGE_INTEGER SentLocalBytes; // Bytes sent from the local machineLARGE_INTEGER ReceivedFrames; // All received frames // (includingrelay) LARGE_INTEGER ReceivedBytes; // All received bytes // (includingrelay) STA_ADAPT_INFO STAInfo; // STA data for this adapter // Set oncefrom FALSE to TRUE when STA initialization on this // adapter hascompleted. This flag is set inside the gSTALock. BOOLEAN bSTAInited; }ADAPT, *PADAPT;Using the ADAPT structure illustrated above, the software bridge canstore information regarding the network interfaces it bridges in a likedlist. Therefore, Next is a pointer to another ADAPT structure containingthe information of the next interface in the list. The number AdaptSizeindicates the size of the ADAPT structure, which can vary because, inone embodiment, storage for the device's name and description can beallocated in the same block as the ADAPT structure itself. TheWAIT_REFCOUNT structure indicates the number of separate activereferences to the ADAPT structure (Refcount) and allows code to wait forthe Refcount to reach zero. The PORT_STATE structure contains thecurrent state of the interface. An interface can be set to a number ofstates, such as the Blocking, Listening, Learning, and Forwarding statesfor those interfaces complying with the Spanning Tree Algorithm, asdescribed in detail below. The DeviceName and DeviceDesc are merely thename and description of the interface. The interface's Ethernet MACaddress can be stored in MACAddr[ETH_LENGTH_OF_ADDRESS], the nature ofthe physical medium used by the adapter can be stored in PhysicalMedium,the maximum throughput of the adapater can be stored in LinkSpeed, andan indication of whether the adapter is “plugged in” can be stored inMediaState. BindingHandle stores a handle to be used when referring tothe adapter, and the Boolean variable bCompatibilityMode indicateswhether the adapter is being operated in the compatibility mode. AnNDIS_EVENT structure can indicate the completion of the opening orclosing of the adapter, and the NDIS_STATUS structure can indicate thestatus of the open or close attempt when it has completed. A Boolean,bResetting, indicates whether the adapter is resetting. Queue is thehead of a singly-linked list of packets received on this adapter thatare waiting to be processed, QueueRefcount is the number of packetswaiting to be processed, and the Boolean bServiceInProgress indicateswhether the list of packets is currently being serviced. AnNDIS_SPIN_LOCK structure protects the Queue and bServiceInProgressfields, and QueueEvent is a synchronization event used to signal thatthis adapter's packet queue is currently being serviced. The adapter'smemory usage can be tracked using the ADAPTER_QUOTA structure, and thenumber of frames and bytes that the adapter has sent or received can betracked with the integers SentLocalFrames, SentLocalBytes,ReceivedFrames, and ReceivedBytes, respectively. As described in detailbelow, if the adapter is being used to conform with the Spanning TreeAlgorithm, STAInfo can store the Spanning Tree Algorithm state of theadapter, and the Boolean bSTAInited can indicate whether the SpanningTree Algorithm has initialized the adapter.

As mentioned above, the software bridge of the present invention canconform with the Spanning Tree Algorithm (STA) as described in IEEEdocument 802. 1D, 1993 edition, entitled “InformationTechnology—Telecommunications and Information Exchange BetweenSystems—Local Area Networks—Media Access Control (MAC) Bridges”published in 1993 and incorporated herein by reference in its entirety.The STA can prevent bridges from forwarding packets endlessly innetworks whose physical topology contains loops. The operation of theSTA can be illustrated using a more complicated network setup, such asthat shown in FIG. 5. FIG. 5 contains multiple network segments, 300,302, 304, 306, and 308 labeled network segments A through E,respectively, which are interconnected by network bridges 310, 316, 322,and 330. As can be seen, network segments 300, 302, 308, and 304,together with bridges 310, 316, 322, and 330 form a circular loop.Consider a broadcast packet originating from a computer on networksegment 300. Without the STA, such a packet would be forwarded bybridges 310 and 330 to network segments 302 and 304. The same packetwould subsequently be forwarded to the computers in network segment 308by bridge 332 and then again by bridge 316, resulting in duplicatepackets being received by the network segment 308. Network segment 306would only receive one copy initially from bridge 322. The packet frombridge 316 would pass through network segment 308 and subsequently beforwarded by bridge 332 to network segment 304 and 306, and the packetfrom bridge 332 would pass through network segment 308 and subsequentlybe forwarded by bridge 316 to network segment 302. Without the STA, thecircular topology of the network in FIG. 5 would not only result in thesame packet continually forwarded around in a loop, but also results inendless copies of the packet being delivered to each computer in theloop.

The Spanning Tree Algorithm can avoid such looping problems byselectively blocking certain ports of the network bridges. As is knownby those skilled in the art, each bridge has a unique identifier, oftenbased on the lowest number address of one of the bridge's interfaces tothe bridged network segments. The bridge with the lowest identifier isknown as the “root bridge”. The port of every other bridge in thenetwork through which packets are most efficiently sent to the rootbridge is known as the “root port”. Thus, turning to FIG. 5, if bridge310 is the root bridge, then port 318 on bridge 316 is the root port ofbridge 316. It offers the most direct route to the root bridge sincepackets must only pass through network segment 302 before reaching theroot bridge.

Alternatively, port 320 is not the root port, as packets would have topass through network segments 308, 304, and 300, and bridges 322 and 330prior to reaching the root port. Similarly port 326 of bridge 322 andport 334 of bridge 330 are also root ports of those bridges. Bridge 310,because it is the root bridge, does not contain a root port. Under theSTA, root ports are allowed to receive and send data; they are notblocked.

On any given network segment, one of the bridges connected to thatsegment is selected to forward packets through its root port to the rootbridge. Such a bridge is called the “designated bridge” for theparticular network segment. The port of the designated bridge connectingit to the particular network segment, for which the bridge is forwardingpackets to the root bridge, is the “designated port”. The designatedport is the port through which the network segment sends communicationsto the root bridge. For example, both ports 312 and 314 of the rootbridge are designated ports, as they are the ports through which networksegments 300 and 302, respectively, send packets to the root bridge 310.Network segment 306 can only send packets to the root bridge throughport 324 of bridge 322, thus port 324 is the designated port for networksegment 306. Similarly, network segment 308 can most efficiently forwardpackets to the root bridge through port 320 of bridge 322, making port320 the designated port for network segment 308. Like root ports,designated ports are allowed to send and receive data and are notblocked.

To succeed in preventing continuous packet forwarding in circularnetwork topologies, the STA requires that all ports of all of thebridges which are not either root ports or designated ports, are to beblocked. Thus any port which is neither a root nor a designated portwill not be allowed to transmit data, nor will it be allowed to receivedata, except for STA packets, which will be described in more detailbelow. Returning to FIG. 5, ports 318, 328, and 334 are root ports, asdescribed above, and are not blocked. Ports 312, 314, 320, 324, and 332are designated ports, as described above, and are also not blocked.However, port 326 is neither a designated port nor a root port, andthus, under the STA, it is blocked. The effect of blocking port 326 orbridge 322 can be seen by re-analyzing the situation described abovewhere a computer in network segment 300 sent a broadcast packet. Thepacket would be forwarded to network segment 302 through port 314 ofbridge 310 and to network segment 304 through port 332 of bridge 330.Subsequently the packet would be forwarded to network segment 306 byport 324 of bridge 322 and to network segment 308 by port 320 of bridge316. However, unlike the situation described above without theimplementation of the STA, the packet would not be forwarded a secondtime to network segment 308 by bridge 322, because port 326 is neither aroot port nor a designated port, and cannot forward packets. Similarly,the packet from network segment 308 will not be circulated to networksegments 304 and 306 again because port 326, as it is in a blockingstate, will not receive the packet from network segment 308. Therefore,the implementation of the STA ensured that each network segment receivedthe packet only once, and that, despite the circular physical topology,the packet was not endlessly forwarded around the network.

To determine which bridge is the root bridge, and which ports are theroot ports and designated ports, the bridges implementing the STAoccasionally send their own data through the network, known as STApackets. When a bridge is first added to the network, it can assume thatit is the root bridge. Upon receiving an STA packet, the bridge willcompare its bridge identifier to the bridge identifier of the bridgesending the STA packet. If the sending bridge's identifier is lower, thebridge receiving it can internally store the identifier of the sendingbridge as the root bridge. Because bridges periodically send STApackets, eventually each bridge in the network can contain theidentifier of the same bridge as the root bridge. Generally, to minimizethe number of STA packets occupying bandwidth on the network, onlybridges believing themselves to be root bridges sent STA packets.Bridges which have the identifier of a different bridge listed as theroot bridge merely forward STA packets, and increment thedistance-to-root field of the packet. In this manner, the STA packetscan not only be used to identify the root bridge, but they also informbridges of the distance to the root bridge.

Each bridge, which is not the root bridge, can keep track of which portoffers the shortest distance to the root bridge. As explained above,this is the root port. For all of the other ports of the bridge, thebridge can monitor the STA packets to determine if there is anotherbridge connected to the same network segment which offers a lowerdistance-to-root. If there is no such bridge, then the port connected tothat network segment becomes the designated port for that networksegment. Each port of a bridge which is determined to be either a rootport or a designated port is kept in the forwarding state and is allowedto receive and send data across the network segments. Every other portof the bridge is kept in the blocking state, and is not allowed to sendor receive data, except for the receipt of STA packets, which can alwaysbe allowed.

Under the STA, the ports of a bridge can be in one of a number ofstates. Four main states that can be defined are the blocking state, thelistening state, the learning state, and the forwarding state. Asdescribed above, the blocking state does not forward any packets andinbound packets are blocked, except for STA packets, which are letthrough. The listening state can be identical to the blocking state,except that it is a transitory state, as the bridge accommodates changesin the network. In the learning state, inbound packets are examined, andthe forwarding database is updated as described above. However, nopackets are forwarded except for STA packets. After a sufficientforwarding table has been created the port can enter the forwardingstate which, as described above, receives and sends packets. Theforwarding table can continue to be updated when a port is in theforwarding state as well.

In addition to providing the services of a network bridge in software,the present invention can also abstract the interconnected networksegments as a single network connection to the host computer, as wasbriefly described above. Returning to FIG. 3, the wire-based NIC 53 andthe wireless NIC 54 of FIG. 1 are shown at the bottom of a network layerdiagram illustrating the networking software on the bridge hostcomputing device 20. Each NIC has its respective NIC driver 61 and 62,also shown in FIG. 3. The bridging functions of the software bridge ofthe present invention can be implemented by the intermediate networkdriver 120 as described in detail above. The intermediate driver 120 canalso expose a single higher level network interface 122 to higher levelnetworking software, including higher level applications and protocols,such as application program 36 and other program modules 37. By exposingonly a single higher level interface 122, the intermediate driver 120can allow the higher level applications and protocols to interact withwire-based network segment 100 and wireless network segment 102 as ifthe computers and peripherals on those segments were on the samesegment.

Packets being sent by higher level networking software, including higherlevel applications or protocols on computing device 20 can be deliveredto higher level interface 122 of the intermediate network driver 120.The intermediate driver can then determine whether the packet isdirected to a single address, or whether it is a multicast or broadcastpacket. If the packet is directed to a single address, the intermediatedriver 120 can reference the forwarding database, described in detailabove, to determine the appropriate port through which to send thepacket such that it most efficiently reaches its intended destination.For example, if the packet sent by application program 36 was directedto desktop computer 65, then the intermediate driver 120 would send thepacket through port 124 to the wire-based NIC driver 61, since port 124is connected, through the wire-based NIC 53, to the network segmentcontaining desktop computer 65, namely the wire-based network segment100 of FIG. 2. However, if the packets sent by higher level applicationsor protocols are to be broadcast, the intermediate driver 120 cansimultaneously send the packets to all of the bridged network segmentswithout creating multiple copies of the packet, as will be described infurther detail below. For example, a broadcast packet could be sent, bythe intermediate driver 120, through ports 124 and 125 simultaneously.

The software bridge of the present invention, implemented asintermediate network driver 120, can also receive packets directed tohost computing device 20 through either network segments 100 or 102.When a packet is received by a network segment interface, it isdelivered to the intermediate driver 120 through a port by the networkinterface driver. The intermediate driver 120 can then determine whetherthe packet is addressed to the host computing device 20, to anotherdevice, or whether it is a broadcast or multicast packet. If the packetis addressed to another computer, it can be sent to that computer bybeing forwarded out through the port indicated in the forwardingdatabase. Alternatively, the packet may be addressed to another computeron the same network segment as the sending computer. In such a case theintermediate driver does not need to forward the packet. However,packets directed to the host computing device 20 can be delivered tohigher level applications or protocols, to perform further decoding ofthe packet, through higher level interface 122. Similarly, multicast orbroadcast packets can be delivered to the higher level applications orprotocols on the host computing device 20, in additional to beingforwarded to all of the other network segments.

In one preferred embodiment, the software bridge of the presentinvention can be implemented in a Microsoft WINDOWS brand operatingsystem environment, networked to an Ethernet network. The softwarebridge can be implemented as a Network Device Interface Specification(NDIS) Intermediate Driver. As is known by those skilled in the art,NDIS provides a specification for the implementation of network drivers.A driver is said to be an NDIS driver if it can accept requests andcreate responses and requests of its own which conform with the NDISinterfaces. NDIS defines a number of characteristics which can bedefined and queried. The NDIS intermediate driver implementing thesoftware bridge of the present invention can respond to NDIS requestsfrom higher level applications and protocols. Because the intermediatedriver abstracts multiple underlying network interfaces, its responsesto NDIS requests need not pass through the details of each underlyinginterface, but can represent a request specific conglomeration of thedetails of each interface such that the higher level applications andprotocols only perceive the single interface being exposed by thepresent invention. For example, a higher level application can query alower level driver for the speed of the link being maintained by theinterface through the use of an NDIS_REQUEST structure in which theObject IDentifier (OID) of the operation is OID_GEN_LINK_SPEED. If theintermediate driver of the present invention receives an OID_(—GEN)_(—LINK)_SPEED request, it can perform the same request to each of theunderlying lower level network interface drivers. Once each driver hasresponded, the intermediate driver can respond to the original requestwith the maximum link speed reported by any of the lower level networkinterface drivers. Alternatively, the intermediate driver 120 canreceive the maximum link speed from each lower level network interfacedriver when the intermediate network driver 120 initializes itsconnection to the lower level network interface driver. In such asituation, the intermediate driver 120 can respond to OID_GEN_LINK_SPEEDby itself, without the need to query the lower level drivers. Becauseprotocols such as the Transmission Control Protocol/Internet Protocol(TCP/IP) can more easily decrease their transmission speeds rather thanincrease them, the present invention conglomerates the information fromthe underlying drivers, in this situation, by providing the maximum linkspeed reported by any of the underlying drivers. This allows thosedrivers which, in fact, support the maximum link speed provided by theintermediate driver to operate at their peak while those drivers whosemaximum link speed is, in fact, less than that provided will simplyappear to the higher level protocols as operating at less than themaximum possible speed.

Determining the link speed is only one of a number of NDIS requestswhich can be made of the intermediate driver. Table 1 below lists anumber of NIDS query request OIDs and a preferred response from thesoftware bridge implemented as an intermediate NDIS driver. Similarly,Table 2 below lists a number of NDIS query request OIDs which arespecific to Ethernet drivers. As was stated above, in one preferredembodiment, the software bridge of the present invention operates in anEthernet network. Thus, Table 2 also provides preferred responses fromthe software bridge.

TABLE 1 Characteristic name Bridge response OID_GEN_SUPPORTED_LIST AllOIDs listed List of supported OIDs in this table OID_GEN_HARDWARE_STATUSNdisHardwareStatus- Hardware status Ready OID_GEN_MEDIA_SUPPORTEDNdisMedium802_3 Media types supported (encoded) onlyOID_GEN_MEDIA_IN_USE NdisMedium802_3 Media types in use (encoded) onlyOID_GEN_MAXIMUM_LOOKAHEAD = OID_GEN_RE- Maximum in bytes, receivelookahead size CEIVE_BLOCK_(—) SIZE (the bridge driver always providesthe full packet to higher-level drivers) OID_GEN_MAXIMUM_FRAME_SIZE 1500bytes (this OID is Maximum in bytes, frame size specified to not includethe size of frame headers) OID_GEN_LINK_SPEED Maximum link speed Linkspeed in units of 100 bps reported by any bound NIC driverOID_GEN_TRANSMIT_BUFFER_SPACE 15K (reported as a Transmit buffer spacenumber of bytes). This is a typical value for an Ethernet NIC.OID_GEN_RECEIVE_BUFFER_SPACE 150K (reported as a Receive buffer spacenumber of bytes). This is a typical value for an Ethernet NIC.OID_GEN_TRANSMIT_BLOCK_SIZE 1514 (the maximum Minimum amount of storage,in bytes, that a Ethernet frame size) single packet occupies in thetransmit buffer space of the NIC OID_GEN_RECEIVE_BLOCK_SIZE 1514 (themaximum Amount of storage, in bytes, that a single Ethernet frame size)packet occupies in the receive buffer space of the NIC OID_GEN_VENDOR_ID0xFFFFFF (No IEEE- Vendor NIC code registered vendor code)OID_GEN_VENDOR_DESCRIPTION “Microsoft MAC Vendor network carddescription Bridge Virtual NIC” OID_GEN_VENDOR_DRIVER_VERSION MAC Bridgedriver Vendor-assigned version number of the version number driver(currently 1.0) OID_GEN_CURRENT_PACKET_FILTER Current value of theCurrent packet filter (encoded) packet filter for this bindingOID_GEN_CURRENT_LOOKAHEAD 1514 (the maximum Current lookahead size inbytes Ethernet frame size) OID_GEN_DRIVER_VERSION NDIS version in useNDIS version number used by the driver by bridge NIC (currently 5.0)OID_GEN_MAXIMUM_TOTAL_SIZE 1514 (the maximum Maximum total packet lengthin bytes Ethernet frame size) OID_GEN_MAC_OPTIONS NDIS_MAC_(—) OptionalNIC flags (encoded) OPTION_NO_(—) LOOPBACK only (the bridge driver doesnot handle loopbacks internally) OID_GEN_MEDIA_CONNECT_STATUSNdisMediaState- Whether the NIC is connected to the network Connected ifat least one NIC is in this state; NdisMediaState- Disconnected if allNICs are in that state. OID_GEN_MAXIMUM_SEND_PACKETS A large number Themaximum number of send packets the (currently 0xFF) driver can acceptper call to its MiniportSendPackets function OID_GEN_SUPPORTED_GUIDS Notsupported (no reply) The custom GUIDs (Globally Unique Identifier)supported by the miniport OID_GEN_PHYSICAL_MEDIUM Not supported (noreply) Physical media supported by the miniport (encoded)

TABLE 2 Characteristic name Bridge response OID_802_3_PERMANENT_ADDRESSThe bridge builds the MAC Permanent station address address it is to useby setting the “locally administered” bit in the MAC address of thefirst NIC to which it binds OID_802_3_CURRENT_ADDRESS Same as Currentstation address OID_802_3_(—) PERMANENT_(—) ADDRESS.OID_802_3_MULTICAST_LIST Query: Bridge returns the Current multicastaddress list current multicast list Set: Bridge driver records requestedmulticast addresses OID_802_3_MAXIMUM_LIST_SIZE A large value (currentlyMaximum size of multicast address list 0x0000000F) OID_802_3_MAC_OPTIONSNot supported (no reply) NIC flags (encoded)In addition to defining properties which can be queried, NDIS alsodefines operational characteristics which can be set by higher leveldrivers, applications, and protocols. For example, an NDIS_REQUESTstructure specifying an OID of OID_GEN_CURRENT_PACKET_FILTER can be usedto set the packet filtering settings of an NDIS driver. A packet filter,as is known by those of skill in the art, can specify to a driver whichtype of packets are to be indicated to higher level software and whichtypes of packets are to be ignored. For example, higher-level protocolcomponents may or may not be interested in receiving broadcast ormulticast network frames. By setting the intermediate driver's packetfilter, higher-level protocols can control whether or not they receivebroadcast or multicast frames. The intermediate driver implementing thesoftware bridge of the present invention can receive the NDIS requestspecifying packet filtering through OID_GEN_CURRENT_PACKET_FILTER andstore the requests in an internal reference to determine which packetsto indicate to the higher level protocols. Thus, the software bridge canoperate the lower level network interface drivers in “promiscuous” relaymode, where every packet that is received by the network interface isrelayed by the driver to the software bridge. The software bridge canthen compare the packets addressed to the host PC to the internalfiltering reference to determine if the packet should be relayed to thehigher level applications, or should be ignored. Table 3 below listsadditional NDIS set request OIDs and a preferred response from thesoftware bridge implemented as an intermediate NDIS driver.

TABLE 3 Characteristic name Bridge action OID_GEN_CURRENT_PACKET_FILTERRecords specified Current packet filter (encoded) filter settingOID_GEN_CURRENT_LOOKAHEAD Accepted but Current lookahead size in byteswithout effect OID_GEN_PROTOCOL_OPTIONS Accepted but Optional protocolflags (encoded) without effect OID_GEN_NETWORK_LAYER_ADDRESSES Passedthrough to List of network-layer addresses associated with eachunderlying the binding between a transport and the driver NICOID_GEN_TRANSPORT_HEADER_OFFSET Passed through to Size of packets'additional header each underlying NIC

The software bridge of the present invention can relay packets from onenetwork segment to another, or can provide those packets to the hostcomputer. Often, a packet received on one network interface may need tobe sent out to multiple different network interfaces, or may need to besent to a different network interface, and provided to the hostcomputer. The software bridge of the present invention provides forperforming such multiple transmissions in parallel, to increase theefficiency of the network system.

Turning to FIGS. 2 and 3, the application program 36 on the hostcomputing device 20 may seek to send a broadcast packet to everycomputer in the virtual LAN 51 (comprised of wireless network segment102 and wire-based network segment 100). Such a packet would be providedto the software bridge of the present invention, implemented asintermediate network driver 120, by a higher level application such asapplication program 36. The intermediate network driver 120 can then, inturn, provide the packet to all of the underlying network interfaces,namely the wire-based NIC driver 61 and the wireless NIC driver 62. Thedrivers 61 and 62 can then send the packet through the wire-based NIC 53and wireless NIC 54, respectively to network segments 100 and 102.

As is known by those skilled in the art, packets are sent across anetwork by providing a NIC driver with access to a location in memorywhere the data of the packet resides. The driver can then incrementallyread the data from the location in memory and instruct the NIC to placethe appropriate signals onto the network medium. Another NIC at thereceiving end will decode the signals sensed on the network medium andinform the NIC driver, which can then store the received data into areceive buffer. It must be the case that the memory locations whichcontain the packet data are not modified prior to the completion of thetransmission by the network interface driver. Once the driver hascompleted sending the packet across the network, it returns control ofthe memory locations to the sending software so that the memorylocations may be reused as needed.

The intermediate driver 120 contemplated by the present invention canallow multiple underlying network interfaces to send a packet inparallel, without the need to copy the packet. Rather than making acomplete copy of the data of the broadcast packet, the present inventioncontemplates the creation of multiple packet descriptors which merelypoint to the data of the packet. The intermediate driver 120 can thenprovide a packet descriptor to driver 61 and another packet descriptorto driver 62 and allow the drivers to send the data in parallel. In sucha manner, each driver can release its packet descriptor when it hascompleted sending the packet data stored in the buffers pointed to bythe pointers of the packet descriptor, and the intermediate driver 120can avoid duplicating the data stored in the buffers, thereby savingmemory.

Turning to FIG. 4, the broadcast packet above is shown as packet 231,which is structured so that the data of the packet is stored in buffers221, 223, and 225. The packet 231 is defined by a packet descriptor 232containing descriptors 233, 235, and 237 which point to locations inmemory 221, 223, and 225 respectively. As is understood by those skilledin the art, the packet 231 is the data which is to be transmitted acrossthe network and which is contained within the buffers 221, 223, and 225.However, since buffers 221, 223, and 225 are often not contiguous, andcan be quite large, the data which comprises the packet 231 can be moreeasily identified and controlled through the use of a packet descriptor232, which contains, in addition to other information about the packet,pointers to the memory locations in which the data of the packet isstored. The packet descriptor 232 can be thought of as the deed to thepacket 231, which is composed of the data stored in memory locations221, 223, and 225. Whichever network unit retains the packet descriptor232 by definition also has the packet 231.

The broadcast packet 231 was provided to the intermediate network driver120 from the application program 36 by passing down the packetdescriptor 232. The intermediate driver 120 can examine packet 231 anddetermine the appropriate destination of the packet. Once it hasdetermined the appropriate destination, the intermediate driver 120 candetermines the number of interfaces through which the packet must besent. Thus, if the application program 36 delivered a broadcast packetto the intermediate network driver 120, the intermediate driver woulddetermine that the packet needs to be sent through two networkinterfaces, namely the wire-based NIC 53 and the wireless NIC 54. Oncethe number of interfaces are determined, the intermediate driver 120 cancreate the appropriate number of packet descriptors such that eachinterface can be granted control of a packet and can send the datasimultaneously. For the layout illustrated in FIG. 3, two packetdescriptors that can be passed to the two interfaces 53 and 54 arerequired.

As is known by those skilled in the art, when a higher level applicationseeks to transmit a packet across the network, the application grantscontrol of the packet to the underlying network driver. Thus, in FIG. 4,control over original packet 231 was provided to the intermediate driver120 from the application program 36 by passing to the intermediatedriver the packet descriptor 232. Once the packet has been sent,intermediate driver 120 can return control of packet 231 to application36 by returning the packet descriptor 232. Since packet descriptor 232will be returned to the application 36, the intermediate driver 120 canavoid modifying the packet descriptor by creating a new base packet 201and a corresponding a new packet descriptor 202. As shown in FIG. 4, thebase packet descriptor 202 can contain descriptors 205, 207 and 209,which point to the same memory locations 221, 223, and 225 as do thedescriptors 233, 235, and 237 of the original packet descriptor 232.Thus, the base packet 201 is the same as the original packet 231.However, because base packet descriptor 202 only contains pointers tothe data buffers, the creation of the base packet 201 only required aminimal amount of memory, namely the memory necessary to hold basepacket descriptor 202. Had the intermediate network driver sought tocreate a duplicate packet by copying the data in buffers 221, 223, and225, the resulting memory consumption would be much greater.Furthermore, because the base packet descriptor 202 was created andinternally maintained by the intermediate driver 120, the base packetdescriptor can contain additional information. In addition to thepointers, the base packet descriptor 202 also contains a pointer 204back to the original packet 231, and a counter 203 which tracks thenumber of child packets pointing to the base packet.

Because the intermediate driver 120 will transmit the broadcast packetto two network interfaces, a second copy of the original packet 231 isneeded to perform the send in parallel. Thus, a child packet 211 is alsocreated by the intermediate driver 120 by creating another packetdescriptor 212 containing pointers 215, 217, and 219 to memory locations221, 223, and 225. As before, because the pointers 215, 217, and 219 ofthe child packet descriptor 212 point to the same memory locations 221,223, and 225 as the pointers 233, 235, and 237 of the original packetdescriptor 232, the child packet 212 is the same as the original packet231. Similarly, like the creation of the base packet 201, describedabove, the creation of child packet 212 did not consume a lot of memory,as the data of the packet, contained in buffers 221, 223, and 225, wasnot itself copied. The only memory used was that required to hold thechild packet descriptor 212. In addition to the pointers to the databuffers, the child packet descriptor 212 also contains a pointer 213 tothe base packet 201. When the intermediate driver creates the childpacket 211, it can increment the counter 203 of the base packetdescriptor 202.

To send the broadcast packet simultaneously through both the wirelessNIC 54 and the wire-based NIC 53, the intermediate driver 120 can sendthe child packet 211 to the wireless NIC driver 62 and the base packet201 to the wire-based NIC driver 61 by providing to driver 62 the childpacket descriptor 212 and providing to driver 61 the base packetdescriptor 202. Each driver will, in a manner known to those skilled inthe art, instruct the underlying NIC to send the data contained withinthe memory locations pointed to by the packet descriptors 212 and 202,respectively.

When each driver has completed sending the packet provided to it, it canreturn the packet descriptor to the intermediate driver 120, signalingthat it has completed sending the packet. The intermediate driver 120,however, can monitor the counter 203 of the base packet descriptor 202to determine if all of the network interfaces have completed thetransmission. Only after all of the interfaces have completed theirtransmissions would it be appropriate for the intermediate driver 120 toreturn the original packet 231 to the application program 36. Should theintermediate driver return the packet too soon, the application programmay modify the contents of buffers 221, 223, and 225 while an interfacewas reading data from those buffers to send across a network segment,resulting in a failed transmission of packet 231. Thus, if thewire-based NIC 53 completes sending the data contained in buffers 221,223, and 225, it can return the base packet descriptor 202 to theintermediate driver 120 and signal that it has completed itstransmission. The intermediate driver can decrement the counter 203 torecord this fact. However, the remaining value in counter 203 willindicate to the intermediate driver that a child packet has still notbeen returned. Thus the intermediate driver 120 can refrain fromreturning original packet descriptor 232 to the sending application 36.Once the wireless NIC 54 completes its transmission, it can return childpacket descriptor 212 and signal to the intermediate driver that it hascompleted sending the packet. The intermediate driver 120 can thendiscard the child packet descriptor 212 and decrement the counter 203 inthe base packet descriptor 202. Because the counter 203 now contains avalue indicating that all child packets have been returned, the basepacket descriptor 202 can also be discarded. The intermediate driver 120can then return the original packet 231 to the application 36, whichcan, in turn, reuse the memory locations 221, 223, and 225. In this way,the intermediate driver 120 can send the packet 231 through multipleinterfaces simultaneously, without exposing any of the complexity to theapplication program 36.

If the packet to be sent through multiple interfaces is received througha network interface, as opposed to sent by a local application asdescribed in detail above, the intermediate driver 120 is not givencontrol of the memory in which the received packet is stored, butinstead can copy the data into its own memory locations. As is known bythose of skill in the art, a received packet is stored in the networkinterface card's buffers. Because of the limited size of the networkinterface card's buffers, and because of the constant flow of packetdata into and out of the buffers, it is desirable to reuse the memorystorage space of the buffers as often as possible. Thus, when a packetis received on a particular network interface, the intermediate driver120 can copy the packet into its own memory, allowing the interface toefficiently reuse the memory previously occupied by the received packet.

Turning to FIG. 6, the networking components of FIG. 3 are shown with anadditional wire-based NIC 152 and its associated driver 150, connectedto port 154 on the software bridge implemented as the intermediatenetwork driver 120. In such a network environment, a broadcast packetfrom a computer on the network segment connected to the additionalwire-based NIC 152 can be received by NIC 152 and passed to theintermediate driver 120 through the additional wire-based NIC driver150. As was explained above, to avoid congesting the buffer of theadditional wire-based NIC 152, the intermediate driver will copy thereceived broadcast packet data into its own memory space. To copy thepacket data into its own memory, the intermediate driver 120 can createa packet descriptor such as base packet descriptor 702, shown in FIG. 7.Base packet descriptor 702 can have descriptors 706, 708, and 710 whichpoint to the locations in memory 724, 726, and 728 into which the dataof the received broadcast packet is stored by the intermediate driver.Thus, packet 700, shown in FIG. 7, is the intermediate driver's copy ofthe broadcast packet received by NIC 152.

Because the intermediate driver 120 retains control over base packet700, and does not need to return it to a sending application, as was thecase above with original packet 231, the base packet descriptor 702 cancontain additional information for the use of the intermediate driver.Thus, in creating the base packet descriptor 702, the intermediatedriver can add a counter 704 to determine when the packet 700 can bereleased. After examining the contents of the received packet, nowstored in buffers 724, 726, and 728, the intermediate driver candetermine the intended destinations of the packet. In the case of abroadcast packet received through port 154, the intermediate driver 120can deliver the packet to higher level applications or protocols on thehost computing device 20 through higher level interface 122, and cansend the packet to the other network segments through ports 124 and 125.To accomplish this broadcast in parallel, the intermediate driver cancreate three packet descriptors to provide to the higher levelapplications and to the other two network interfaces. Because it hasalready created the base packet descriptor 702 so that it could copy thereceived packet data into its own memory, the intermediate driver needonly create two additional packet descriptors. In one embodiment, thebase packet descriptor can be indicated to the higher level applicationsand protocols, while the child packet descriptors are given to theappropriate network interfaces.

FIG. 7 illustrates two child packets 712 and 730 created by theintermediate driver 120. Each packet descriptor 714 and 732 containsdescriptors 718, 720 and 722, and 736, 738, and 740, respectively, whichpoint to the same memory locations 724, 726, and 728 as the descriptors704, 706, and 708 of the base packet descriptor 702. As above, the childpackets 712 and 730 are, therefore, the same as base packet 700; and, asabove, the creation of child packets 712 and 730 does not consumesignificant memory resources because the data of the packets, containedin buffers 724, 726, and 728 was not copied. Each child packetdescriptor 714 and 732 contains a pointer 716 and 734, respectively, tothe base packet 700. For each child packet, the counter 704 of the basepacket descriptor 702 is incremented. In one embodiment, the counter 704can start at 1, so that it tracks the existence of the base packet inaddition to any outstanding child packets. In such an embodiment, avalue of 1 indicates that there are no further outstanding child packetsand the base packet can be released or deleted. As an alternative, thecounter 704 can begin at zero and track only the child packets. If thecounter begins at zero, then any non-zero value can indicate theexistence of outstanding child packets.

The intermediate network driver 120 can provide child packet 730 to thewireless NIC driver 62 to send across the wireless network segment 102,provide child packet 712 to the wire-based NIC driver 61 to send acrossthe wire-based network segment 100, and provide base packet 700 to thehigher level application program or protocol on bridge host computer 20.The wire-based NIC driver 61 will retain control over the child packetdescriptor 714 while the child packet 712 is read from buffers 724, 726,and 728 and sent over the network by the wire-based NIC 53. When thewire-based NIC 53 has completed sending the packet, the driver 61 willreturn the child packet 712 to the intermediate driver 120, which canthen discard it and decrement the counter 704. Similarly, when thewireless NIC 54 finishes sending the packet, and returns the childpacket 730 to the intermediate driver 120, the intermediate driver candiscard the child packet 730 and decrement the counter 704. In ananalogous manner, the higher level application or protocol can copy thebase packet 700 into its own memory space for processing, returning thepacket to the intermediate driver 120. When the intermediate driverreceives the returned descriptors 700, 714 or 732, and afterdecrementing the counter 704, it checks whether the counter 704 hasreached a value of zero. When the counter 704 reaches a value of zero,the intermediate driver can discard the packet 700. When the packet 700is discarded, the intermediate driver 120 is free to re-use memoryspaces 724, 726, and 728. Thus, because the intermediate driver copiedthe packet data into its own memory space, it does not need to returnit, unlike the situation illustrated in FIG. 4 and described in detailabove, where the intermediate driver needed to return the receivedpacket.

Despite the method used by the intermediate driver 120 to createduplicate packets, a single transmission success or failure is oftenrequested by the sending application or network interface. Thus, whilethe bridge internally creates and sends multiple packets, to the sendingapplication or interface it appears as if only a single packet was sent.The intermediate driver 120 can provide a composite packet status, suchthat a successful transmission is reported if at least one transmissionof the duplicate packets was successful. If no transmissions weresuccessful, then a failure can be reported. Such a scheme can operatemost effectively in networks such as an Ethernet network where only abest-effort attempt to deliver a packet needs to be made. Most often abroadcast packet, such as would be sent to multiple interfaces, is sentbecause the sender does not know on which network segment theappropriate destination is located. Therefore, if the packet is sent outthrough at least one interface, then there is a non-zero probabilitythat it will reach its intended destination. This is all that isnecessary to report a success in a network which only requires abest-effort attempt. Should a different type of network environment beused, the intermediate driver could report a successful transmissiononly if all, or a given percentage, of the simultaneous transmissionswere successful.

In one preferred embodiment, the software bridge is implemented as anintermediate driver conforming to the NDIS protocols as described above.The structure of an NDIS packet can be as follows:

typedef struct _NDIS_PACKET { NDIS_PACKET_PRIVATE  Private; union {struct // For Connection-less miniports { UCHAR MiniportReserved[2*sizeof(PVOID)]; UCHAR WrapperReserved[2*sizeof(PVOID)]; }; struct { // // For de-serializedminiports. And by implication // conn-oriented miniports. This is forthe send-path // only. Packets indicated will use WrapperReserved //instead of WrapperReservedEx // UCHAR MiniportReservedEx[3*sizeof(PVOID)]; UCHAR WrapperReservedEx[sizeof(PVOID)]; }; struct { UCHAR MacReserved[4*sizeof(PVOID)]; }; }; ULONG_PTR Reserved[2]; // Forcompatibility with Win95 UCHAR ProtocolReserved[1]; } NDIS_PACKET,*PNDIS_PACKET, **PPNDIS_PACKET;Variables Private, WrapperReserved, and MacReserved are reserved for useby NDIS and MiniportReserved and ProtocolReserved can be used by NDISdrivers for their own purposes. Buffer descriptors, known as memorydescriptor lists (MDLs) can be chained onto the end of the packetstructure above. In one preferred embodiment, the intermediate driver120 can use the MiniportReserved or the ProtocolReserved elements tostore information such as the pointers to the base packet and thecounter described above. In another preferred embodiment, theintermediate driver 120 can use a PACKET_INFO structure, defined in moredetail below, to store such information. In the preferred embodimentwhere the PACKET_INFO structure is used to store such information, apointer to the PACKET_INFO structure can be stored in theMiniportReserved or ProtocolReserved elements to link the PACKET_INFOstructure to the corresponding packet structure described above.

The software bridge implemented as an NDIS intermediate driver canmaintain information about each packet, such as the pointer to the basepacket, and the counter, whose use was described in detail above. Oneformat which can be used by the bridge is as follows:

typedef enum { BrdgPacketInbound = 0, BrdgPacketOutbound = 1,BrdgPacketCreatedInBridge = 2, BrdgPacketDirectionImpossible = 4 }PACKET_DIRECTION; typedef struct _PACKET_INFO { // Used by bufferingcode only BSINGLE_LIST_ENTRY List; PNDIS_PACKET pOwnerPacket; // Thesefields used by packet processing code struct { UINT bIsBasePacket: 1;PACKET_DIRECTION OriginalDirection: 2; } Flags; union { // This part ofunion valid if bIsBasePacket == FALSE struct _PACKET_INFO*pBasePacketInfo; struct { // This part of union valid if bIsBasePacket== TRUE PNDIS_PACKET pOriginalPacket; PADAPT pOwnerAdapter; LONGRefCount; NDIS_STATUS CompositeStatus; } BasePacketInfo; } u; }PACKET_INFO, *PPACKET_INFO;The List structure allows the PACKET_INFO structures to be queued, aswill be described in more detail below. Each NDIS packet, in the form ofthe NDIS_PACKET structure defined above, can be recovered from itscorresponding PACKET_INFO structure through the pOwnerPacket field,which contains a pointer to the NDIS_PACKET structure with which thePACKET_INFO structure is associated. In this way the intermediate driver120 can add the additional elements such as the pointers to the basepacket and the counter, as described above. Thus, the PACKET_INFOstructure contains bIsBasePacket, which indicates whether the packet isthe base packet; pBasePacketInfo, which is a pointer to the base packetif the packet is not the base packet; pOriginalPacket, which is apointer to the original packet; and RefCount, which is the counterdescribed above. Additionally, element OriginalDirection indicateswhether the packet was received from an underlying NIC, or from a higherlevel protocol or application. It can be set to BrdgPacketOutbound forlocal-sourced packets, or BrdgPacketCreatedInBridge for packets createdwithin the bridge to wrap a received packet. Also, element pOwnerAdapteridentifies the adapter to which pOriginalPacket is to be returned, ifnecessary.

In a preferred embodiment using the NDIS system and structures describedabove, the intermediate driver 120 can provide for transmission of asingle packet through multiple interfaces simultaneously, in the mannerdescribed in detail above. Turning to FIG. 4, original packet 231 can beprovided to the intermediate driver by either a NIC driver or a higherlevel application. Once the multiple parallel transmissions of the dataof original packet 231 are completed, the intermediate driver 120 canreturn the original packet to the NIC driver or the higher levelapplication. As stated above, the PACKET_INFO structure contains theOriginalDirection element, which can indicate to the intermediate driverwhether the original packet 231 was received from a NIC driver or from ahigher level application. Should the packet 231 have been received froma NIC driver, the intermediate driver 120 can return it to the NICdriver with a call to NdisReturnPackets, whereas if the packet 231 wasreceived from a higher level application, the intermediate driver canreturn it with a call to NdisMSendComplete.

In another preferred embodiment, the intermediate driver 120 can avoidthe creation of the additional packet descriptors where it is givencontrol over the original packet. Where the packet received by theintermediate driver need only be sent to a single network interface, orwhere it needs only to be indicated to the host computing device 20, butnot relayed to it, the intermediate driver itself can use theProtocolReserved or the MiniportReserved area of a packet descriptorheader. Alternatively, the intermediate driver can create a new packetdescriptor in the format of the PACKET_INFO structure above.

A dynamic memory allocation scheme can be used with the software bridgeof the present invention to minimize the number of packets discarded asa result of insufficient buffer storage, while maintaining a fairallocation of resources, and not exceeding the memory constraints placedon the networking subsystem. As has been explained above, theintermediate network driver 120 implementing the software bridgepresents the underlying network segments and their interfaces to thehigher level applications and protocols on the host computing device 20as a single network and interface. Thus, as perceived by the operatingsystem 35 of the host computing device 20, only a single interfacerequests and is provided with memory. The intermediate driver 120 canthen use this memory to buffer packets for the underlying networkinterfaces.

A dynamic memory allocation scheme for allocating memory among a numberof network interfaces to be used as buffer space is described in detailin a co-pending United States patent application, hereby incorporated byreference in its entirety, entitled “Dynamic Resource AllocationScheme”, filed on Mar. 2, 2001 and assigned to the assignee of thepresent application. Briefly, the dynamic memory allocation schemecontemplated by the above listed application attempts to buffer as manypackets for a network interface as are needed, while maintaining asafety buffer to provide a level of fairness and reserve some amount ofmemory to satisfy minimal packet buffering requests from other networkinterfaces.

A network interface can request a that a packet be stored in a segmentof memory either if the packet is to be transmitted and it cannot be dueto network congestion, or if the packet is an incoming packet that mustbe received into some memory location. Once the particular packet forwhich the memory was requested has been dealt with, the memory in whichit was stored can be returned to available memory for redistribution toanother network interface. The intermediate network driver 120 candetermine a fair share of memory for each network interface by dividingthe available memory by the number of network interfaces. Eachinterface's request to buffer a packet into a segment of memory can begranted so long as the intermediate driver has available memory, and theinterface has not yet consumed more than its fair share of memory,determined in the manner above. If an interface has consumed more thanits fair share of memory, it can still be granted further requests tobuffer packets into additional segments of memory if the memoryavailable to the intermediate driver is greater than a pre-definedsafety buffer.

The interplay between these two rules creates a system by which anetwork interface can have more packets buffered for it by theintermediate network driver than it could in a static scheme whichmerely divided the available memory equally between the interfaces;while simultaneously implementing a level of fairness such thatsufficient memory exists for additional interfaces. Consider a firstnetwork interface which, due to network congestion, requires asignificant amount of memory to buffer all of the packets waiting to besent when the congestion is resolved. The above dynamic allocationscheme will allow the first interface to buffer packets until theintermediate network driver has used all of the available memory, exceptfor a safety buffer. If a second network interface becomes congested,such that it too requires packets to be buffered, its packets can bestored into the memory remaining as the safety buffer. As the secondinterface requests packets to be buffered into the memory from thesafety buffer, the safety buffer is slowly consumed. However,concurrently, additional requests from the first interface can be deniedbecause the free memory remaining is less than the safety buffer. Whileadditional requests from the first interface are being denied, somepackets are being transmitted, and the memory in which those packetswere stored can be reused by the intermediate network driver. Thus,because requests for additional memory are being denied, and previouslyallocated memory is being reused, the total memory consumption of thepackets buffered for the first interface is decreasing. Subsequently,the returned memory can be used to satisfy requests from the secondinterface, as that interface has not yet used up its fair share.Ultimately, assuming that congestion continues in both network segments,and that the interfaces continue to request the buffering of packets atapproximately the same rate, the allocation of memory between the twointerfaces will reach a steady-state where each interface is consumingat least its fair share of memory.

When the intermediate network driver 120 is performing a multipleinterface transmission in parallel, as described above, the base packetand child packets must be accounted for to determine the memoryallocation of each interface as required by the above dynamic allocationscheme. While individual child packets can be released by the interfaceafter they are sent, the base packet is not released until all childpackets referring to its underlying data have been released. Slowinterfaces can, therefore, cause increased memory consumption byrequiring that packet data remain in memory, even though all otherinterfaces may have completed their transmission of that data. To avoidsuch increased consumption, the present invention contemplates countingdata shared between multiple child packets as if it were individuallyconsumed by each target interface, even though only one instance of thepacket data exists in memory. In such situations a sum of each adapter'sallocated memory may yield a value greater than the total memoryavailable. Such a result is not of concern as the memory is, in fact,being shared between multiple interfaces, and is therefore beingdouble-counted.

In a preferred embodiment, such as described above, where the networkbridge is implemented as an NDIS intermediate driver in anEthernet-network, the allocation and deallocation of memory toindividual network interfaces can be made faster through the use ofcaching systems if the intermediate driver does not preallocate itsmaximum permitted memory block. The software bridge can maintain a cachefor copy packets and wrapper packets where the cache is equal to thesafety buffer size for the pool of available memory for each type ofpacket. Furthermore, data buffers, and PACKET_INFO structures, such asthose described in detail above, can be allocated from the operatingsystem's 35 kernel lookaside lists, which cache freed blocks. The sizeof the lookaside lists' caches can be continuously monitored andadjusted by the operating system 35 to reflect actual usage conditions.

A preliminary examination, by the software bridge, of received packetscan increase the consistency and minimize the length of time between thereceipt of a packet by a network interface and the return of control tothe network interface from higher level network software. Turning toFIG. 3, when a NIC, such as NICs 53 and 54, receive a packet from thenetwork segment to which they are connected, the NIC drivers 61 and 62temporarily store the packet into a buffer and send an indication to ahigher level driver, such as intermediate driver 120, that a packet hasbeen received. Once the received packet has been indicated to theintermediate driver 120, the intermediate driver must respond to theindication before the NIC driver can resume processing inbound packets.

Therefore, to increase network efficiency, it is desirable to reduce thetime the NIC driver spends waiting for the intermediate driver torespond, and increase the predictability of that interval of time. Thesoftware bridge of the present invention, implemented as intermediatenetwork driver 120, can preliminarily perform a minimal analysis todetermine whether the received packet requires processing by it or onthe part of the host computer 20. If the packet requires processing, itis placed on a queue and processing is quickly returned to theunderlying NIC driver. If the packet does not require processing, eitherby the intermediate network driver 120, or the host computing device 20,it is simply discarded. Packets from one computer to another computer onthe same network segment require no bridge processing. Packets whichrequire processing are processed by a worker thread that services eachreceiving NIC's queue of received packets.

Each NIC has associated with it a received packet queue, which can beserviced by a queue-servicing thread. A thread to process the packets inthe queue can be requested through an associated auto-clearing event.The intermediate driver 120 can create a queue-servicing thread for eachprocessor when the intermediate driver is initialized by the operatingsystem 35. A queue-servicing thread can block against all NIC packetqueue events. When a NIC's received packet queue receives a packet to beprocessed, a queue servicing thread, which can be selected at random,can unblock and process the packets in the queue. To insure that noqueue-servicing thread operates for an extended duration, the number ofpackets processed by a thread on a given call can be limited. Once thethread has either completed processing all of the packets in the queue,or it reached the limit on the number of packets it can process, it canblock against all NIC packet queue events again. If the thread was notable to clear the packets in the queue, it can signal another thread tobegin processing. This can ensure maximum parallel execution withoutunnecessary thread overhead by limiting the processing to one thread perprocessor. By limiting the maximum number of packets which can beprocessed by a single thread, the system can ensure that each queue isgiven an opportunity to be serviced.

The intermediate driver 120 can also process received packets directedonly to the host computing device 20 in a more efficient manner. Packetsbetween computers on different network segments require processing bythe software bridge implemented as the intermediate driver 120. However,packets directed only to the host computing device 20 only requireminimal processing by the intermediate driver 120, and can be passeddirectly to higher level applications and protocols, such as application36. In the preferred embodiment described above, packets directed onlyto the host computing device 20 can be processed without the need toallocate additional PACKET_INFO structures. Instead, the intermediatedriver 120 can store necessary information in the ProtocolReserved orMiniportReserved area of the packet structure itself. By avoiding thecreation and linking of an additional PACKET_INFO structure, theprocessing by the intermediate driver can be minimized.

Received packets which are directed only to the host computing device 20need not be placed on the NIC's processing queue, but can instead bepassed by the intermediate driver 120 to higher level applications andprotocols directly when the intermediate driver initially examines thepacket to determine whether to place the packet on the NIC's processingqueue. However, if the processing queue of the NIC is not empty, thenpackets directed only to the host computing device 20 need to be placedon the queue and not sent immediately to higher level software, or theywould be received by such higher level software out of order, resultingin an inappropriate processing of data.

Turning to FIG. 8 a, one exemplary user interface is shown for providingthe user access to the functionality of the intermediate network driver120 and underlying network components. The exemplary user interface iscontained within a window 800, such as would be displayed to the userthrough monitor 47 of computing device 20. The window 800 can contain aclose button 806 for closing the window, a maximize button 808 forincreasing the size of the window to the fill the monitor display, and aminimize button 810 for decreasing the size of the window, such asplacing the window within a list of minimized windows, or as an icon ina dock of icons of minimized windows. Window 800 can also contain a menubar 802 providing the user easier access to functionality, and a browserbar 804, allowing the user to navigate through different presentationsof information. The window 800 can also set aside an area, such as area812 to provide the user single-click access to other functions or filesof the computing device 20.

The window 800 of FIG. 8 a includes an area 814 which can display, in agraphical manner, the various network segments or network interfacesavailable. For example, in the example shown in FIG. 8 a, the computingdevice 20 is connected to three different network segments through threedifferent network interface cards. Those three connections aregraphically displayed within the area 814 as user interface elements,namely connection icons 816, 818, and 820, entitled “local areaconnection”, “local area connection 2” and “local area connection 3”,respectively. Each of the connection icons can allow a user to accessthe properties of the network segment or the network interface which isrepresented by that connection icon. The user interface elementsrepresenting the network segments need not be iconic. In an alternativeexemplary user interface, the user interface elements can be textual, orconvey their representation of the network segments through colors orphysical location within a display area.

Turning to FIG. 8 b, one exemplary method for accessing the bridgingfunctionality of the intermediate network interface 120 is shown. In theexemplary method shown, connection icons 818 and 820 are simultaneouslyselected by the user and a functionality selection element, such as the“bridge connections” selection 834 can be accessed such as from a dropdown menu 830. The drop down menu 830 can be accessed through the menubar 802, by “right-clicking” (as it is known in the art) on one of theselected icons 818 or 820, or through an equivalent method.Alternatively, a different function selection element could be used,such as a “bridge connections” icon or a combination of user pressedkeys on the keyboard 40, known in the art as a “keyboard shortcut”. Byselecting the “bridge connections” function 834, or other similarfunction selection element, the user instructs the computing device 20to use the intermediate network driver 120 to bridge the two selectednetwork segments in the manner described above.

FIG. 8 c illustrates one exemplary method of presenting to the user abridged network. Area 814 now only contains the connection icon 816,which is not part of the bridged network. A new bridged area 842 can becreated, containing the connection icons 818 and 820 identifying thenetwork segments which comprise the bridged network. In addition, theuser can be presented a single user interface element representing theentire bridged network, such as bridge icon 840. The intermediatenetwork driver 120 exposes the bridged network segments as a singlenetwork interface to the higher level networking software as describedabove. The user can similarly be provided with a single interface (i.e.bridge icon 840) for accessing the properties of the bridged network asa whole. As above, the user interface element need not be an icon, andcan be, for example, a textual or color or location-based representationof the bridged network.

Turning to FIG. 8 d, an exemplary interface providing the user access tothe properties of the network segments and the bridged network is shown.FIG. 8 d shows property presentation elements in the form of foursub-windows 850, 870, 872, and 890, entitled “local area connectionproperties”, “local area connection properties 2”, “local areaconnection properties 3”, and “network bridge properties”, respectively.Each of these sub-windows can allow the user to access and change theproperties of the network or network connection they represent. Suchsub-windows can be accessed, in one embodiment, by double-clicking on aconnection icon, or by right-clicking on the connection icon and thenselecting an access properties command from the menu which appears. Inan alternative embodiment, the property presentation elements could be,for example, strictly iconic representations or a pure textual listing.

Property presentation element sub-window 850 illustrates an exemplaryuser interface providing a user access to the properties of a networkinterface, in this case the network interface labeled “local areaconnection” and identified by connection icon 816. The sub-window 850includes a sub-window close button 851 for closing the sub-window, and asub-window help button 852 for providing help to the user, such as helpin deciphering and accessing the properties displayed in the sub-window850. The sub-window 850 can also be dismissed through the OK button 866,which can store the changes indicated by the user, or the Cancel button867, which can revert all of the properties to their state prior to themost recent user interaction.

Within the sub-window, the user can be presented with choices regardingthe nature of the property sought to be edited. The exemplary sub-window850 shown in FIG. 8 d contains choices labeled “General”,“Authentication” and “Advanced” offered to the user through tabs 853,854, and 855, respectively. Tab 853 is shown as activated, allowing theuser access to “general” properties of the network connection. One suchproperty which can be presented to the user is the particular networkinterface card which is used to connect to the network segment selected.Network card display 856 shows the currently selected network interfacecard. In one embodiment, a different card can be selected through adrop-down menu which could appear when the user clicked on the networkcard display 856. In an alternative embodiment, the user could changethe network interface card by accessing additional options through theconfigure button 857. Another property which can be presented to theuser within the sub-window 850 are higher level networking software andprotocols which are to be used or provided over the selected networkinterface. The user can be presented with this property through the useof a item selection element, such as item window 858, which, in theexemplary embodiment illustrated in FIG. 8 d, contains a number ofhigher level networking software items which can be activated over theselected network, such as a network client feature 859, a file andprinter sharing feature 860, a quality of service packet scheduler 861,and protocols, such as TCP/IP 862. The user can add further options tothis list through the install button 863, or the user could remove someof the options with the uninstall button 864. Additional properties ofeach higher level networking software or protocol could be accessed bythe user through the properties button 865. In addition, the user canselect which of the higher level networking software or protocols are tobe made available over the particular network connection by checking orun-checking the selection boxes located to the left of each of theoptions.

Sub-windows 870 and 872 are the analogues to sub-window 850 forconnection icons 818 and 820, respectively, representing additionalnetwork segments. However, because the network segments represented byconnection icons 818 and 820 are bridged in the particular embodimentillustrated in FIG. 8 d, the user's access to certain properties canbecome limited. This is to prevent the user from creatinginconsistencies among the network segments which are bridged together.For example, sub-window 872 20 contains a network card display 876,which can allow the user to view and change the current networkinterface card connecting the selected network segment to the computingdevice 20. The user may also be able to change the network interfacecard via the configure button 877. However, the user may not be allowedto access or change the higher level networking software or protocolswhich are active over the current network segment. If the user wereallowed to change such settings, the purpose of the bridgingfunctionality of the present invention could be undermined. Recall thatthe intermediate network driver 120 conglomerates multiple networksegments that are bridged together into a single virtual network, suchthat the higher level software on the computing device recognizes onlythe single virtual network. Allowing the user to change the propertiesof a single network segment of the bridged network would no longerexpose the bridged network as only a single virtual network. Forexample. if the user were allowed to change the protocols, such asdeactivating the use of the TCP/IP protocol, on an individual networksegment which is bridged together with other network segments, thehigher level networking software would recognize the bridged network asa first network, and would also separately recognize the individualnetwork segment as a second network. A broadcast packet would,therefore, be sent to the whole bridged network (including theindividual network segment), and to the individual network segment byitself, resulting in duplicate packets for each computer on theindividual network segment. As will be known by those skilled in theart, further inconsistencies are also possible. Thus, in one embodiment,the user interface of the present invention prevents the user fromchanging the higher level software and protocols operating overindividual segments once they have been bridged according to the methoddescribed above.

However, because the bridged network can be provided its own connectionicon 840, the user interface can allow the user to change the higherlevel software and protocols active over the bridged network as a whole.Sub-window 880 illustrates an exemplary window for allowing the user toaccess and modify the properties of the bridged network as a whole. Forexample, sub-window 880 contains item window 890, analogous to itemwindow 858 of sub-window 850. Within item window 890, the user ispresented with any number of higher level networking software itemswhich can be activated or deactivated over the bridged network, such asa network client feature 891, a file and printer sharing feature 892, aquality of service packet scheduler 893, and protocols, such as TCP/IP894. The exemplary user interface can allow the user to activate ordeactivate the items through the use of a selection box located to theleft of the item. Additionally, the user can be allowed to add new itemsor remove existing ones via the install button 895 and the uninstallbutton 896, respectively. The user can also be allowed to obtain furtherinformation regarding selected higher level networking software orprotocols through the properties button 897. Another element withinsub-window 890 is the bridged network segment view 885. The bridgednetwork segment view 885, which is another type of item selectionelement, provides the user with a more familiar selection box mechanismfor bridging various network segments. For example, in the exemplaryembodiment shown in FIG. 8 d, local area connection item 886 is not partof the bridged network and local area network 2 item 887 and local areaconnection 3 item 888 are part of the bridged network. Recall from thedescription of the exemplary user interface above that these two networksegments were selected as connection icons 818 and 820 and wereinitially bridged together. The selection box interface allows the userto easily add additional network segments to the bridged network, suchas the network segment represented by item 886. Further configurationoptions can be presented to the user through the configure button 889.

As can be appreciated by those skilled in the art, the exemplaryembodiment of the user interface presented in FIGS. 8 a through 8 d isbut one of many different methods for presenting the functionalitydescribed above to a user of a computing device. Such functionality canalso be presented to the user through a text-based user interface, forexample. Alternatively, colors or proximity rather than separate windowscan be used to indicate associations in a graphical user interface.

Similarly, the software network bridge of the present invention isequally applicable to many different types of computing environments.For example, the present invention can be applied to a variety ofdifferent operating system environments, including very limitedoperating systems with only memory management functionality. Similarly,the present invention can be used in networks containing many differenttypes of computing devices, such as personal computers, handheldcomputers, mainframes, and dedicated processing systems. The softwarebridge enables two or more network segments to be viewed as a whole,both from the networked devices, and from the host computing device, andallows for efficiencies in multiple destination packet transmission,network interface buffer management, and received packet processing.

All of the references cited herein, including patents, patentapplications, and publications, are hereby incorporated in theirentireties by reference.

In view of the many possible embodiments to which the principles of thisinvention may be applied, it should be recognized that the embodimentdescribed herein with respect to the drawing figures is meant to beillustrative only and should not be taken as limiting the scope ofinvention. For example, those of skill in the art will recognize thatthe elements of the illustrated embodiment shown in software may beimplemented in hardware and vice versa or that the illustratedembodiment can be modified in arrangement and detail without departingfrom the spirit of the invention. Therefore, the invention as describedherein contemplates all such embodiments as may come within the scope ofthe following claims and equivalents thereof.

1. A method of bridging multiple network segments and exposing themultiple network segments as a single network to a higher levelnetworking software on a bridging computing device, the bridgingcomputing device connected to the multiple network segments throughmultiple network interfaces and exposing the single network through ahigher level interface, the method comprising: receiving a first packetfrom the higher level networking software or from one of the multiplenetwork interfaces; determining a first destination address of the firstpacket; locating the first destination address in a database;determining, by reference to the database, a first port through whichthe first destination address can be reached; processing the firstpacket with reference to the first port, including: placing the firstpacket onto a received packet queue, requesting a first queue-servicingthread to process the received packet queue, and processing the receivedpacket queue with the first queue-servicing thread; wherein theprocessing of the received packet queue is for a limited duration; andwherein the processing the first packet with reference to the first portfurther includes: requesting a second queue-servicing thread after thelimited duration if the received packet queue contains at least onequeued packet; and processing the received packet queue with the secondqueueservicing thread.
 2. A method of bridging multiple network segmentsand exposing the multiple network segments as a single network to ahigher level networking software on a bridging computing device, thebridging computing device connected to the multiple network segmentsthrough multiple network interfaces and exposing the single networkthrough a higher level interface, the method comprising: receiving afirst packet from the higher level networking software or from one ofthe multiple network interfaces; determining a first destination addressof the first packet; locating the first destination address in adatabase; determining, by reference to the database, a first portthrough which the first destination address can be reached; processingthe first packet with reference to the first port; identifying a rootbridge with reference to a lowest bridge identifier; identifying a rootport with reference to a most efficient network route to the rootbridge; identifying a designated port with reference to a connection toone of the multiple network segments through which a packet is receivedfor forwarding to the root bridge; and blocking a port if the port isneither the root port nor the designated port.
 3. A method of bridgingmultiple network segments and exposing the multiple network segments asa single network to a higher level networking software on a bridgingcomputing device, the bridging computing device connected to themultiple network segments through multiple network interfaces andexposing the single network through a higher level interface, the methodcomprising: receiving a first packet from the higher level networkingsoftware or from one of the multiple network interfaces; determining afirst destination address of the first packet; locating the firstdestination address in a database; and determining, by reference to thedatabase, a first port through which the first destination address canbe reached; processing the first packet with reference to the firstport; wherein the multiple network interfaces to the multiple networksegments are granted a memory segment through a dynamic memoryallocation method, the dynamic memory allocation method comprising:receiving a memory segment request for the memory segment from a firstnetwork interface of the multiple network interfaces; determining a fairshare of memory of the first network interface; determining a safetybuffer of memory; granting the memory segment if a first networkinterface memory allocated to the first network interface is less thanthe fair share of memory of the first network interface and an availablememory segment exists; and granting the memory segment if the firstnetwork interface memory allocated to the first network interface isgreater than the fair share of memory of the first network interface andthe available memory segment is greater than the safety buffer ofmemory.
 4. A method of bridging multiple network segments and exposingthe multiple network segments as a single network to a higher levelnetworking software on a bridging computing device, the bridgingcomputing device connected to the multiple network segments throughmultiple network interfaces and exposing the single network through ahigher level interface, the method comprising: receiving a first packetfrom the higher level networking software or from one of the multiplenetwork interfaces; determining a first destination address of the firstpacket; locating the first destination address in a database; anddetermining, by reference to the database, a first port through whichthe first destination address can be reached; processing the firstpacket with reference to the first port; and exposing to a user a userinterface comprising: a user interface element for each of the multiplenetwork segments; a function selection element for bridging at least twoof the multiple network segments into the single network; a userinterface element for the single network; and a property presentationelement for providing the user access to a property of a selectednetwork, the selected network being one of the multiple network segmentsor the single network; wherein the selected network is the singlenetwork, and wherein the property presentation element comprises an itemselection element for bridging another of the multiple network segmentsinto the single network.
 5. A method of bridging multiple networksegments and exposing the multiple network segments as a single networkto a higher level networking software on a bridging computing device,the bridging computing device connected to the multiple network segmentsthrough multiple network interfaces and exposing the single networkthrough a higher level interface, the method comprising: receiving afirst packet from the higher level networking software or from one ofthe multiple network interfaces; determining a first destination addressof the first packet; locating the first destination address in adatabase; and determining, by reference to the database, a first portthrough which the first destination address can be reached; processingthe first packet with reference to the first port; and exposing to auser a user interface comprising: a user interface element for each ofthe multiple network segments; a function selection element for bridgingat least two of the multiple network segments into the single network; auser interface element for the single network; and a propertypresentation element for providing the user access to a property of aselected network, the selected network being one of the multiple networksegments or the single network; wherein the selected network is abridged network segment, and wherein the property presentation elementprevents the user from accessing an item selection element for editing ahigher level networking software or protocol which is active over thebridged network segment.
 6. A computing device for bridging multiplenetwork segments and exposing the multiple network segments as a singlenetwork, the computing device comprising: multiple network interfacesconnected to the multiple network segments; a database comprising anetwork address and a corresponding port through which the networkaddress can be reached; and an intermediate network interface driver forexposing the multiple network segments as the single network through ahigher level interface, and performing steps comprising: receiving apacket through the higher level interface or from one of the multiplenetwork interfaces; determining a destination address of the packet;locating the destination address in the database; determining, byreference to the database, the corresponding port; and processing thepacket with reference to the corresponding port, including: placing thepacket onto a received packet queue, requesting a first queueservicingthread to process the received packet queue, and processing the receivedpacket queue with the first queue-servicing thread for a limitedduration, requesting a second queue-servicing thread after the limitedduration if the received packet queue contains at least one queuedpacket, and processing the received packet queue with the secondqueue-servicing thread.
 7. A computing device for bridging multiplenetwork segments and exposing the multiple network segments as a singlenetwork, the computing device comprising: multiple network interfacesconnected to the multiple network segments; a database comprising anetwork address and a corresponding port through which the networkaddress can be reached; and an intermediate network interface driver forexposing the multiple network segments as the single network through ahigher level interface; wherein the intermediate network interfacedriver performs steps comprising: identifying a root bridge withreference to a lowest bridge identifier; identifying a root port withreference to a most efficient network route to the root bridge;identifying a designated port with reference to a connection to one ofthe multiple network segments through which a packet is received forforwarding to the root bridge; and blocking a port if the port isneither the root port nor the designated port.
 8. A computing device forbridging multiple network segments and exposing the multiple networksegments as a single network, the computing device comprising: multiplenetwork interfaces connected to the multiple network segments; adatabase comprising a network address and a corresponding port throughwhich the network address can be reached; and an intermediate networkinterface driver for exposing the multiple network segments as thesingle network through a higher level interface; wherein the multiplenetwork interfaces are granted a memory segment through a dynamic memoryallocation method, the dynamic memory allocation method comprising:receiving a memory segment request for the memory segment from a firstnetwork interface of the multiple network interfaces; determining a fairshare of memory of the first network interface; determining a safetybuffer of memory; granting the memory segment if a first networkinterface memory allocated to the first network interface is less thanthe fair share of memory of the first network interface and an availablememory segment exists; and granting the memory segment if the firstnetwork interface memory allocated to the first network interface isgreater than the fair share of memory of the first network interface andthe available memory segment is greater than the safety buffer ofmemory.
 9. A computing device for bridging multiple network segments andexposing the multiple network segments as a single network, thecomputing device comprising: multiple network interfaces connected tothe multiple network segments; a database comprising a network addressand a corresponding port through which the network address can bereached; an intermediate network interface driver for exposing themultiple network segments as the single network through a higher levelinterface; and a user interface, comprising: a user interface elementfor each of the multiple network segments, a function selection elementfor bridging at least two of the multiple network segments into thesingle network, a user interface element for the single network, and aproperty presentation element for providing the user access to aproperty of a selected network, the selected network being one of themultiple network segments or the single network; wherein the selectednetwork is the single network, and wherein the property presentationelement comprises an item selection element for bridging another of themultiple network segments into the single network.
 10. A computingdevice for bridging multiple network segments and exposing the multiplenetwork segments as a single network, the computing device comprising:multiple network interfaces connected to the multiple network segments;a database comprising a network address and a corresponding port throughwhich the network address can be reached; an intermediate networkinterface driver for exposing the multiple network segments as thesingle network through a higher level interface; and a user interface,comprising: a user interface element for each of the multiple networksegments, a function selection element for bridging at least two of themultiple network segments into the single network, a user interfaceelement for the single network, and a property presentation element forproviding the user access to a property of a selected network, theselected network being one of the multiple network segments or thesingle network; wherein the selected network is a bridged networksegment, and wherein the property presentation element prevents the userfrom accessing an item selection element for editing a higher levelnetworking software or protocol which is active over the bridged networksegment.